Re: Dropping telnetd and rsh* for security reasons?
On Thu, 15 May 2003, Paul Johnson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Please turn your line wraps on to about 72 columns.
>
> On Thu, May 15, 2003 at 12:12:43PM +0200, Nico Meijer wrote:
>
> > I have only one suggestion: let's forget about telnet and keep it at
> > ssh. OpenSSH is installed in a few seconds and PuTTy (for win32) is
> > only a click away.
>
> How does one request a package be removed? Seems like now is a very
> good time to drop telnetd from the distro altogether as a security
> hazard, along with rsh...
>
Please don't do this! I need telnetd for a specific application, for which
ssh is not practical. I know the risks and accept them. Put a dire warning
on the screen when installing if you must, but don't drop the opportunity
just to protect me from myself.
ap
----------------------------------------------------------------------
Andrew J Perrin - http://www.unc.edu/~aperrin
Assistant Professor of Sociology, U of North Carolina, Chapel Hill
clists@perrin.socsci.unc.edu * andrew_perrin (at) unc.edu
Reply to: