netstd upgrade modifies inetd.conf

To: debian-user@lists.debian.org
Subject: netstd upgrade modifies inetd.conf
From: Loic Prylli <lprylli@graville.fdn.fr>
Date: Tue, 24 Dec 1996 00:46:40 +0100 (MET)
Message-id: <[🔎] m0vcK4u-000wkHC@graville.fdn.fr>

My computer is mono-user, so I my account and the root account
have no password.
As I am sometimes connected to the internet, I disabled almost every
entries in /etc/inetd.conf to be safe.

The problem is that an upgrade of netstd has reenabled most of this
entries (rlogin, telnet, ...), which I did not notice at once. Looking
to the postinst script of netstd I have seen that this upgrade
behaviour should occur only when entries had been disabled with
update-inetd (this was my case) which prefix them with "#<off>#". 

I think this is very misleading. I have seen nowhere documented that
update-inetd is reserved for configuration script and should not be
used by the adminstrator. But if he uses it, an upgrade may render his
system insecure.

Have I missed some documentation that explains this problem? I think
there should be a warning in the update-inetd man page.

Loic





--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

Prev by Date: Re: Suggestion
Next by Date: libXt.so.6
Previous by thread: Re: shadow password support
Next by thread: libXt.so.6
Index(es):
- Date
- Thread