Bug 83846 - RFE: prefer TCP wrapper for denying access
RFE: prefer TCP wrapper for denying access
Product: Red Hat Linux
Classification: Retired
Component: rhl-rg (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Johnray Fuller
: FutureFeature
Depends On:
Blocks: 89274
  Show dependency treegraph
Reported: 2003-02-09 14:43 EST by Michael Redinger
Modified: 2007-04-18 12:50 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-06-30 15:42:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Michael Redinger 2003-02-09 14:43:05 EST
Red Hat Linux Reference Guide 8.0.93
Page 112f ( Access Control Options)
Add a note that it's almost always better to not use control options
in xinetd but rely on hosts.(allow|deny) instead.
In hosts.deny you can block everything with ALL: ALL and then allow
the required services in hosts.allow.
If you use only_from or no_access in the xinetd configuration files, you
miss those programs that are not started using xinetd but are also using
TCP wrappers. Mixing both is obviousely a bad idea, so use
hosts.(allow|deny) instead.
Comment 1 Johnray Fuller 2003-02-12 02:49:37 EST
There is talk of changing TCP wrappers infrastructure, so I did not "go there." 

I will leave this as an RFE for next round.

Thanks again.

Comment 2 Johnray Fuller 2003-06-30 15:42:17 EDT
I have added this information to the most recent version.

This chapter will be on the Docs Beta CD and in the final product.


Note You need to log in before you can comment on or make changes to this bug.