Re: disabling inetd

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Re: disabling inetd
From: Rick Weinbender <rwein@central-ph.k12.mo.us>
Date: Mon, 15 Dec 2003 09:13:07 -0600
Message-id: <[🔎] 3FDDCF83.C346909E@central-ph.k12.mo.us>
References: <[🔎] 3FDA150A.F4CDE15E@central-ph.k12.mo.us> <[🔎] 20031212194148.GA27271@scatterbolt.r00tserverz.net> <[🔎] 20031213024452.GE452@doorstop.net>


Vineet Kumar wrote:

> * Initech (initech@r00tserverz.net) [031212 13:42]:
> > On Fri, Dec 12, 2003 at 01:20:42PM -0600, Rick Weinbender wrote:
> > > I've heard that the inetd process is not very secure.
>
> That's not necessarily true.  What is "not very secure" is running any
> service you don't need.  If you don't have anything necessary being run
> from inetd, why run inetd?
>
> > > Is there a way to remove it or disable it permanently.
> > > Would this be a good thing to do?  Or will it just cause
> > > me problems down the road.
> >
> > inetd is not really insecure, it the junk people start from it that is
> > insecure (finger, telnet, god knows what else).  inetd is a very
> > useful memory saver for services you want to run on year machine, but
> > only want them run when needed.
> >
> > You can disable it if you like by running
> >
> > update-rc.d -f inetd remove
> >
> > (note: this is the way you modify init scripts in debian)
>
> note: this is _not_ the way you modify init scripts in debian.
>
> 'update-rc.d -f inetd remove' might be a fine thing for inetd's postrm
> script to run.  That's about it.  99% of the time, the above invocation
> is not what you want to do.
>
> Most often, I think, if you think you want to do "update-rc.d -f
> $package remove", you usually really mean 'dpkg --remove $package".
> Or sometimes you want rm /etc/rc2.d/S??$package.  Other times,
> it's to edit /etc/init.d/$package and insert an 'exit 0' near the top.
>
> One of these days I'll get around to canning this rant; I'm getting
> tired of writing about this and it's starting to show. =p  However, I do
> still think it an important myth to shoot down each time I see it,
> because the only way I can figure that anyone thinks that 'update-rc.d
> -f inetd remove' is a reasonable thing to do is because they saw someone
> else suggest it here without being corrected.  I guess it sounds kind of
> like update-menus or update-modules, so people think it's "The Debian
> Way" of managing sysvinit rc.d boot directories.
>
> Anyway, Rick, I'd suggest you remove the inetd package altogether.
>
> good times,
> Vineet
> --
> http://www.doorstop.net/
> --
> http://www.sprintpcs-sucks.org/
>
>   ------------------------------------------------------------------------
>                        Name: signature.asc
>    signature.asc       Type: application/pgp-signature
>                 Description: Digital signature

*****************************************

Thanks everyone for the good advice.
-Rick

Reply to:

References:
- disabling inetd
  - From: Rick Weinbender <rwein@central-ph.k12.mo.us>
- Re: disabling inetd
  - From: Initech <initech@r00tserverz.net>
- Re: disabling inetd
  - From: Vineet Kumar <vineet@doorstop.net>

Prev by Date: Re: My Debian box can't connect Internet
Next by Date: Re: Debian installation trouble on server
Previous by thread: Re: disabling inetd
Next by thread: Re: disabling inetd
Index(es):
- Date
- Thread