On 00-10-15 Anthony Towns wrote:
> On Sat, Oct 14, 2000 at 12:24:36PM +0200, Christian Kurz wrote:
> > Well, it has a priority of standard, which looks for me like it will be
> > installed on default installations, which includes a lot of installation
> > where it's not needed. And if then get's standard, this creates a
> > security hole which is absolutely not needed.
> Huh? What security hole would this be exactly? This seems like blatant FUD.
No, I want call it FUD to have another daemon running if it's absolutely
not needed. portmap opens another port to the internet and so increase
the vulnerability of the workstation or server, where it is running.
Also there were some recent exploits in the nfs-package which relys on
functions of the portmap-daemon. So having nfs and portmap running on a
standard system doesn't increase but decrease the security of the
system. So please consider placing portmap and nfs at a lower priority
then standard.
Ciao
Christian
--
Debian Developer and Quality Assurance Team Member
1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853
Attachment:
pgpEDYWGjOVB1.pgp
Description: PGP signature