Re: rlinetd security
>From Pat Moffitt on Tuesday, 19 June, 2001:
>> -----Original Message-----
>> From: Joseph Pingenot [mailto:jap3003@ksu.edu]
>> Sent: Tuesday, June 19, 2001 9:54 AM
>> To: debian-security@lists.debian.org
>> Subject: Re: rlinetd security
>[snip]
>> While we're at it, it'd be nice if the packages (on an update)
>> didn't re-enable
>> themselves if I've disabled them. Inetd should check each of
>> the runlevels to
>> see if it's currently enabled (/etc/rc?.d). If it's not, it
>> shouldn't make it
>> so. The same goes for all the other services in /etc/rc?.d.
>> Also, if it
>> isn't listed in /etc/inetd.conf, the admin has probably removed
>> it, and it
>> shouldn't add itself back in.
>> Just something that's annoyed me when updating daily. :)
>The latest exim update got me on that one. I have exim running all the
>time, don't want it in inetd.conf....
Yup, me too. that's why I wrote in. :) Maybe we can make inetd.conf
ugo-r by default? That'll help keep stuff from writing to it, and
inexperienced sysadmins from letting stuff add to it. *But* it should
be empty first. :)
-Joseph
--
Joseph==============================================jap3003@ksu.edu
"IBM were providing source code in the 1960's under similar terms.
VMS source code was available under limited licenses to customers
from the beginning. Microsoft are catching up with 1960."
--Alan Cox, http://www2.usermagnet.com/cox/index.html
Reply to: