Date: Mon, 22 Apr 2002 19:08:18 +0800 From: "Rafter Man" <rafter@linuxmail.org> To: freebsd-questions@FreeBSD.ORG Subject: [security] Re: Mysterious sshd "starting itself" at bootup Message-ID: <20020422110818.17894.qmail@linuxmail.org>
next in thread | raw e-mail | index | archive | help
----- Original Message -----
From: "Peter Leftwich" <Hostmaster@Video2Video.Com>
> It was my understanding that the stuff in /etc/rc.network have some
> dependencies on what the sysadmin has configured IN /etc/rc.conf as there
> are some lines in my /etc/rc.network that say:
>
> case ${sshd_enable} in
> [Yy][Ee][Ss])
>
> And some lines in my /etc/rc.conf that say:
>
> sshd_enable="NO" # Enable sshd
>
> ...which in other words would match the /etc/rc.network stuff above were it:
>
> case ${sshd_enable} in
> [Nn][Oo])
Maybe it is just me, but for security reasons I think that it should only be possible to start services
from 1 file/place at bootup. So that you in /boot have a directory for the system bootup files (all for them)
and one for user and other (programs and services) bootup files.
This way ALL the boot files and in /boot and services like FTP, SMTP, SSH, HTTP can not be started
by system files, but only by user/other files.
Likewise I think that there should be a /etc/services directory with underdirectories like:
/etc/services/ftp and ALL the configuration files for ftp should be there, but maybe I am
the only one who likes it when things are sooooo simple.
I am VERY pleased to see that FreeBSD 5.0 have put some order in the FreeBSD filesystem, but
I still think there are to many exampels for configuration files not "in place". Meaning
that in order to setup (fx) sendmail, you have to studie which bootfiles it writes to and
where it put all it's own configuration files, things could be a lot easier if all were in
"the right place".
So when you install a service, fx sendmail files go here:
/boot/services/sendmail.sh (if the files is a script then run it)
/etc/service/sendmail/ all sendmails configuration files
/usr/services/sendmail/ all sendmails other files.
Or is this just plain dumb?
/rafter
--
Get your free email from www.linuxmail.org
Powered by Outblaze
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020422110818.17894.qmail>