Bug 83846 - RFE: prefer TCP wrapper for denying access
RFE: prefer TCP wrapper for denying access
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: rhl-rg (Show other bugs)
9
All Linux
medium Severity medium
: ---
: ---
Assigned To: Johnray Fuller
: FutureFeature
Depends On:
Blocks: 89274
  Show dependency treegraph
 
Reported: 2003-02-09 14:43 EST by Michael Redinger
Modified: 2007-04-18 12:50 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-06-30 15:42:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Michael Redinger 2003-02-09 14:43:05 EST
Red Hat Linux Reference Guide 8.0.93
Page 112f (9.4.3.2. Access Control Options)
Add a note that it's almost always better to not use control options
in xinetd but rely on hosts.(allow|deny) instead.
In hosts.deny you can block everything with ALL: ALL and then allow
the required services in hosts.allow.
If you use only_from or no_access in the xinetd configuration files, you
miss those programs that are not started using xinetd but are also using
TCP wrappers. Mixing both is obviousely a bad idea, so use
hosts.(allow|deny) instead.
Comment 1 Johnray Fuller 2003-02-12 02:49:37 EST
There is talk of changing TCP wrappers infrastructure, so I did not "go there." 

I will leave this as an RFE for next round.

Thanks again.

Johnray
Comment 2 Johnray Fuller 2003-06-30 15:42:17 EDT
I have added this information to the most recent version.

This chapter will be on the Docs Beta CD and in the final product.

J

Note You need to log in before you can comment on or make changes to this bug.