Re: the netbase/inetd conspiracy

To: debian-devel@lists.debian.org
Subject: Re: the netbase/inetd conspiracy
From: tb@becket.net (Thomas Bushnell, BSG)
Date: 24 Sep 2002 19:55:55 -0700
Message-id: <[🔎] 87it0udbgk.fsf@becket.becket.net>
In-reply-to: <[🔎] 20020925023211.GA16065@azure.humbug.org.au>
References: <[🔎] 87n0q9z6vm.fsf@becket.becket.net> <[🔎] 20020923041406.GC29938@azure.humbug.org.au> <[🔎] 20020923152941.GA15696@molehole.dyndns.org> <[🔎] 20020923164813.GB13599@azure.humbug.org.au> <[🔎] 878z1sqyse.fsf@becket.becket.net> <[🔎] 20020924031635.GB30450@azure.humbug.org.au> <[🔎] 20020924091300.GA5527@cs140102.pp.htv.fi> <[🔎] E17tmSF-0001eU-00@mid.downhill.at.eu.org> <[🔎] 20020924165042.GA7157@cs140102.pp.htv.fi> <[🔎] E17tvO9-0005cF-00@mid.downhill.at.eu.org> <[🔎] 20020925023211.GA16065@azure.humbug.org.au>

Anthony Towns <aj@azure.humbug.org.au> writes:

> On Tue, Sep 24, 2002 at 09:30:29PM +0200, Andreas Metzler wrote:
> > >> Add exit 0 at the top of /etc/init.d/inetd
> > > That only helps if the init script is the only way to start inetd.
> > > If you want to disable it for security reasons, and want to make sure
> > > it can't start even by accident, then that's not good enough.
> > I can only think of two ways it could accidentally started are:
> > * big bug: [...]
> > * root is silly and executes /usr/sbin/inetd directly.
> 
> If you're really worried about these, you should also be worried about
> someone calling /usr/sbin/inetd with a file other than /etc/inetd.conf
> as an argument, and starting up whatever services they might happen to
> want, whether /etc/inetd.conf exists or not.

Of course, inetd can't start any daemons that aren't already there.
And, if the daemons are there, somebody might start them without inetd
being there at all.

Reply to:

Follow-Ups:
- Re: the netbase/inetd conspiracy
  - From: Anthony Towns <aj@azure.humbug.org.au>

References:
- Re: the netbase/inetd conspiracy
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: the netbase/inetd conspiracy
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: the netbase/inetd conspiracy
  - From: Steve Greenland <steveg@moregruel.net>
- Re: the netbase/inetd conspiracy
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: the netbase/inetd conspiracy
  - From: tb@becket.net (Thomas Bushnell, BSG)
- Re: the netbase/inetd conspiracy
  - From: Anthony Towns <aj@azure.humbug.org.au>
- Re: the netbase/inetd conspiracy
  - From: Richard Braakman <dark@xs4all.nl>
- Re: the netbase/inetd conspiracy
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: the netbase/inetd conspiracy
  - From: Richard Braakman <dark@xs4all.nl>
- Re: the netbase/inetd conspiracy
  - From: Andreas Metzler <ametzler@downhill.at.eu.org>
- Re: the netbase/inetd conspiracy
  - From: Anthony Towns <aj@azure.humbug.org.au>

Prev by Date: Re: the netbase/inetd conspiracy
Next by Date: Re: inclusion of a debian dir in upstream src
Previous by thread: Re: the netbase/inetd conspiracy
Next by thread: Re: the netbase/inetd conspiracy
Index(es):
- Date
- Thread