Vineet Kumar wrote:
> * Initech ([EMAIL PROTECTED]) [031212 13:42]: > > On Fri, Dec 12, 2003 at 01:20:42PM -0600, Rick Weinbender wrote: > > > I've heard that the inetd process is not very secure. > > That's not necessarily true. What is "not very secure" is running any > service you don't need. If you don't have anything necessary being run > from inetd, why run inetd? > > > > Is there a way to remove it or disable it permanently. > > > Would this be a good thing to do? Or will it just cause > > > me problems down the road. > > > > inetd is not really insecure, it the junk people start from it that is > > insecure (finger, telnet, god knows what else). inetd is a very > > useful memory saver for services you want to run on year machine, but > > only want them run when needed. > > > > You can disable it if you like by running > > > > update-rc.d -f inetd remove > > > > (note: this is the way you modify init scripts in debian) > > note: this is _not_ the way you modify init scripts in debian. > > 'update-rc.d -f inetd remove' might be a fine thing for inetd's postrm > script to run. That's about it. 99% of the time, the above invocation > is not what you want to do. > > Most often, I think, if you think you want to do "update-rc.d -f > $package remove", you usually really mean 'dpkg --remove $package". > Or sometimes you want rm /etc/rc2.d/S??$package. Other times, > it's to edit /etc/init.d/$package and insert an 'exit 0' near the top. > > One of these days I'll get around to canning this rant; I'm getting > tired of writing about this and it's starting to show. =p However, I do > still think it an important myth to shoot down each time I see it, > because the only way I can figure that anyone thinks that 'update-rc.d > -f inetd remove' is a reasonable thing to do is because they saw someone > else suggest it here without being corrected. I guess it sounds kind of > like update-menus or update-modules, so people think it's "The Debian > Way" of managing sysvinit rc.d boot directories. > > Anyway, Rick, I'd suggest you remove the inetd package altogether. > > good times, > Vineet > -- > http://www.doorstop.net/ > -- > http://www.sprintpcs-sucks.org/ > > ------------------------------------------------------------------------ > Name: signature.asc > signature.asc Type: application/pgp-signature > Description: Digital signature ***************************************** Thanks everyone for the good advice. -Rick -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
