Bug 1892 - Open Services.
Summary: Open Services.
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: netkit-base
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Jay Turner
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1999-03-30 18:59 UTC by Wil Harris
Modified: 2015-01-07 23:36 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1999-03-30 20:32:22 UTC

Attachments (Terms of Use)

Description Wil Harris 1999-03-30 18:59:36 UTC
Everything in the /etc/inetd.conf is open by default,
upgrade replaces any copies that have been edited to turn
off vunerable services(ie: imap) and other services that
could cause a compromise of security(rlogin, rshell,
finger). Perhaps the policy should be all services need to
be disabled by default, and force the user to enable them
either during the install, or by hand if they know what they
are and know they need them. It is a general rule, if you
dont know, dont use it. If the user knows they need an ftp
service then letting them turn it on would be better than a
user not knowing these services are on, and having to turn
them off would provide more in the lines of security for a
newly installed system than the current setup.

Comment 1 Preston Brown 1999-03-30 20:32:59 UTC
when you upgrade netkit-base from now on, /etc/inetd.conf will not get
overwritten.  Instead, if you have edited /etc/inetd.conf, the "new"
inetd.conf will be written to /etc/inetd.conf.rpmnew.  You are then
free to add any entries that you need to if you wish, and any services
you have turned off will not be turned back on automatically.

Note You need to log in before you can comment on or make changes to this bug.