RE: Why is proftpd always started when one update it?
That occurs because that is how it is packaged in the .deb when you download
and update it. Unless you package your own from source there is no work
around. That is something configured in the source or when you package the
application I cant remember what way it is don't off the top of my head.
So Basically you will need to get the source and configure it to your
machine and package it with the install and update rd.d function turned off.
-----Original Message-----
From: Preben Randhol [mailto:randhol@pvv.org]
Sent: Monday, June 30, 2003 11:25 AM
To: debian-security@lists.debian.org
Subject: Why is proftpd always started when one update it?
Hi
This is really annoying and insecure. I have proftpd installed on my
debian in those rare occations I cannot use SSH to transfer files
from another computer. However I do not want proftpd to run except when
I start it manually myself and after the transfer I turn it off. I saw
now that there was an security alert for proftpd so I updated it and
again it put up symlinks in /etc/rcX.d/ so that the proftpd starts when
I boot the system. I had to do a update-rc.d -f proftpd remove again.
The first times I updated proftpd (and other servers) I didn't notice
that after an update it started them up even though I had turned that
off, so I was surprised to find them running. I think that you should
get asked if you want to start up the servers at boot time when you
install one. I don't find it good security practise to just assume the
installer wants it running at all times. And I don't understand why this
is still the default behaviour of Debian GNU/Linux.
If somebody could explain why it is like this it would be nice.
Thanks in advance.
Preben Randhol
--
Ada95 is good for you.
http://www.crystalcode.com/codemage/MainMenu/Coding/Ada/IntroducingAda.php
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: