[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dropping telnetd and rsh* for security reasons?

On Thu, 15 May 2003, Paul Johnson wrote:

> Hash: SHA1
> Please turn your line wraps on to about 72 columns.
> On Thu, May 15, 2003 at 12:12:43PM +0200, Nico Meijer wrote:
> > I have only one suggestion: let's forget about telnet and keep it at
> > ssh. OpenSSH is installed in a few seconds and PuTTy (for win32) is
> > only a click away.
> How does one request a package be removed?  Seems like now is a very
> good time to drop telnetd from the distro altogether as a security
> hazard, along with rsh...

Please don't do this! I need telnetd for a specific application, for which
ssh is not practical. I know the risks and accept them. Put a dire warning
on the screen when installing if you must, but don't drop the opportunity
just to protect me from myself.


Andrew J Perrin - http://www.unc.edu/~aperrin
Assistant Professor of Sociology, U of North Carolina, Chapel Hill
clists@perrin.socsci.unc.edu * andrew_perrin (at) unc.edu

Reply to: