|Product:||[Retired] Red Hat Linux||Reporter:||Wil Harris <wil>|
|Component:||netkit-base||Assignee:||Jay Turner <jturner>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||1999-03-30 20:32:22 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Wil Harris 1999-03-30 18:59:36 UTC
Everything in the /etc/inetd.conf is open by default, upgrade replaces any copies that have been edited to turn off vunerable services(ie: imap) and other services that could cause a compromise of security(rlogin, rshell, finger). Perhaps the policy should be all services need to be disabled by default, and force the user to enable them either during the install, or by hand if they know what they are and know they need them. It is a general rule, if you dont know, dont use it. If the user knows they need an ftp service then letting them turn it on would be better than a user not knowing these services are on, and having to turn them off would provide more in the lines of security for a newly installed system than the current setup.
Comment 1 Preston Brown 1999-03-30 20:32:59 UTC
when you upgrade netkit-base from now on, /etc/inetd.conf will not get overwritten. Instead, if you have edited /etc/inetd.conf, the "new" inetd.conf will be written to /etc/inetd.conf.rpmnew. You are then free to add any entries that you need to if you wish, and any services you have turned off will not be turned back on automatically.