Albert Hurd wrote: > 1. Why is smtp installed by default? The typical user who uses Netscape > apparently > doesn't need it. Perhaps it should be installed only with packages that need > it, and security > problems addressed.
Extract from slink netbase_3.11-1.2.deb's postinst file : # create a new /etc/inetd.conf file if it doesn't already exist if [ ! -f /etc/inetd.conf ]; then cat <<EOC >/etc/inetd.conf # /etc/inetd.conf: see inetd(8) for further informations. # # Internet server configuration database # # # Lines starting with "#:LABEL:" or "#<off>#" should not # be changed unless you know what you are doing! # # If you want to disable an entry so it isn't touched during # package updates just comment it out with a single '#' character. # # Packages should modify this file by using update-inetd(8) # # <service_name> <sock_type> <proto> <flags> <user> <server_path> <args> # #:INTERNAL: Internal services #echo stream tcp nowait root internal #echo dgram udp wait root internal #chargen stream tcp nowait root internal #chargen dgram udp wait root internal discard stream tcp nowait root internal discard dgram udp wait root internal daytime stream tcp nowait root internal #daytime dgram udp wait root internal time stream tcp nowait root internal #time dgram udp wait root internal #:STANDARD: These are standard services. #:BSD: Shell, login, exec and talk are BSD protocols. #:MAIL: Mail, news and uucp services. #:INFO: Info services #:BOOT: Tftp service is provided primarily for booting. Most sites # run this only on machines acting as "boot servers." #:RPC: RPC based services #:HAM-RADIO: amateur-radio services #:OTHER: Other services EOC on mine : funkiest:~/t$ telnet localhost 25 Trying 127.0.0.1... telnet: Unable to connect to remote host: Network is unreachable So it looks as though smtp port is disabled by default. Unfortunately, the file in question is a config file. These present problems when upgrading, since you want your customisations to remain but you may also want some of the features in the new config file. dpkg asks you what to do in this case. I always pick "N" and take a note of the config file. Then I can take a look later to pick out whether I want my old file, the new file (<oldfilename>.dist-dpkg) or a mixture of both. But it looks like Debian is secured against this type of atrocious behaviour by default on each new install, AFAIK. > Albert Hurd -- Regards, Paul
