Bug 16562 – tfpd started by default

Bug 16562 - tfpd started by default

Summary:	tfpd started by default

Status:	CLOSED WONTFIX

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	tftp (Show other bugs)
Sub Component:
Version:	7.1
Hardware:	i386 Linux

Priority	high Severity high
Target Milestone:	---
Target Release:	---
Assigned To:	Bill Nottingham
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:

Duplicates:	16558 16559 16560 16561 (view as bug list)
Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2000-08-19 00:24 EDT by Adrian Likins
Modified:	2014-03-16 22:15 EDT (History)
CC List:	2 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2000-08-19 00:24:51 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Adrian Likins 2000-08-19 00:24:49 EDT

tfpd-server is part of the "network server" comp,
and when installed, it is started automatically
via xinetd. Especially considering that this
comp gets included in "web server" and "ftp server"
and "DNS name server", all of which increase the
likelyhood of a machine being attacked or DoS'ed
greatly. Having stuff like tfpd running is
not a good thing for this type of machine.

Comment 1 Jeff Johnson 2000-08-19 10:03:33 EDT

Feature: installing the package enables the service. Don't install if you don't
want. the service
enabled.

Comment 2 Jeff Johnson 2000-08-19 10:04:12 EDT

*** Bug 16561 has been marked as a duplicate of this bug. ***

Comment 3 Jeff Johnson 2000-08-19 10:04:45 EDT

*** Bug 16560 has been marked as a duplicate of this bug. ***

Comment 4 Jeff Johnson 2000-08-19 10:05:21 EDT

*** Bug 16559 has been marked as a duplicate of this bug. ***

Comment 5 Jeff Johnson 2000-08-19 10:05:59 EDT

*** Bug 16558 has been marked as a duplicate of this bug. ***

Comment 6 Adrian Likins 2000-08-21 12:57:00 EDT

The comp "Network Server" should then be removed from
any standard comp. Starting most of the services in
the "Network Server" comp by default is a mistake
in almost all cases. I can't think of many cases
where someone needs tftp or fingerd running
where they wouldnt be able to figure out
how to start it manually.

With the current comps file, all of these
useless services get installed and started
with a default config with almost any network
related comp. This is going to cause problems.
I can count the number of people running
a "Web Server" who automatically wont tftpd
and talkd running on 0 hands. This is a
bad idea. 

I dont think the standard user, or the
power user or admin, is going to
expect the "Web Server" installation
option to startup a finger server or
a talk server. This is extremely unexpected
behaviour.

Suggestion: move finger, talk, tftp,rwall,
rusers,telnet, and ypserver to a "Misc Network
Services" comp and _DO NOT_ include them
in any of the Web/NFS/SMB/DNS/yp/News/etc
server comps.

Note You need to log in before you can comment on or make changes to this bug.