Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 27 Jul 1998 16:15:59 -0400 (EDT)
From:      Robert Watson <robert@cyrus.watson.org>
To:        freebsd-security@FreeBSD.ORG
Subject:   inetd enhancements (fwd)
Message-ID:  <Pine.BSF.3.96.980727161523.8094F-100000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help 

This seems like security to me -- the binding issue is especially relevant
to firewall hosts (multi-homed).

  Robert N Watson 

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
SafePort Network Services             http://www.safeport.com/
robert@fledge.watson.org              http://www.watson.org/~robert/

---------- Forwarded message ----------
Date: Mon, 27 Jul 1998 12:19:56 -0500
From: Jacques Vidrine <n@nectar.com>
To: hackers@FreeBSD.ORG
Subject: inetd enhancements

-----BEGIN PGP SIGNED MESSAGE-----

Hi,

I'd like to add some functionality to inetd.  The two features
needed are:

* binding selected services to a particular interface
* chroot'ing before exec'ing the service

I've implemented these features as a port that modifies the
stock inetd source:
 
  http://www.freebsd.org/~nectar/ports/ninetd.shar
  http://www.freebsd.org/~nectar/ports/ninetd.tar.gz

(the modified inetd gets installed in /usr/local/sbin, 
and gets its config from /usr/local/etc/inetd.conf, so
it shouldn't be too intrusive)

I also came across a patch that implements the binding
in a different manner: see PR bin/2387.

I'd like comments.

Jacques Vidrine <n@nectar.com>



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNby2vDeRhT8JRySpAQEzYQQAyWBRkv1lhYxrnT3GUeVSTh1CcUesQdXT
nDvIIjO5AlQHXQodH241WZBED3v2fcnjmf5hc5msg3E4H5yx059T7TexG9pHeIXT
EiUQe/ZqG6LP2Cs4rN3kGmPIsp1442byE3MmeaNO80VSmhv0olx6r5KV0YR4qVqo
FyPgUDxwWcM=
=S1bV
-----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980727161523.8094F-100000>