Red Hat Bugzilla – Bug 1892
Last modified: 2015-01-07 18:36:53 EST
Everything in the /etc/inetd.conf is open by default,
upgrade replaces any copies that have been edited to turn
off vunerable services(ie: imap) and other services that
could cause a compromise of security(rlogin, rshell,
finger). Perhaps the policy should be all services need to
be disabled by default, and force the user to enable them
either during the install, or by hand if they know what they
are and know they need them. It is a general rule, if you
dont know, dont use it. If the user knows they need an ftp
service then letting them turn it on would be better than a
user not knowing these services are on, and having to turn
them off would provide more in the lines of security for a
newly installed system than the current setup.
when you upgrade netkit-base from now on, /etc/inetd.conf will not get
overwritten. Instead, if you have edited /etc/inetd.conf, the "new"
inetd.conf will be written to /etc/inetd.conf.rpmnew. You are then
free to add any entries that you need to if you wish, and any services
you have turned off will not be turned back on automatically.