FreeBSD Security model

[mark.stewart at bacs.co.uk]

thanks, out of interest what do you code your network programs in and what kind
of admin progs did you write ?

____________________Reply Separator____________________
Subject:    Re[2]: FreeBSD Security model
Author: aledm at qix=2Eco=2Euk
Date:       1/8/02 11:51 AM

On Tue, 8 Jan 2002 mark=2Estewart at bacs=2Eco=2Euk wrote:

>Cool, if all i need to run on a server is sshd, squid and DNS I should=20=
disable
>inetd=2E Whats its purpose anyway, does it stop users from running disallowed
>services ???

Its purpose is to stop the proliferation of standalone daemons, especially
for services which may be rarely invoked and so which don't need to be
running 24x7

TFTP is a good example, I use it to save my router configs but they don't
change that often=2E

In the old days when memory was expensive I used to run sendmail from
inetd ("sendmail -bs" as I recall) on boxes that would receive only a few
messages a day=2E

One side effect of inetd is that it makes writing network programs
easier; you only need to read/write from stdin/stdout and inetd takes care
of the messy socket stuff=2E  You don't even need to worry about handling
multiple requests and forking, since inetd will fork a copy of your server
for each incoming connection if you want=2E

Aled
--         ++  Fast, affordable, server hosting in Telehouse, London  ++
++               http://www=2Eqix=2Eco=2Euk/colo/                ++



-----------------------------------------------------

You can find us at www=2Ebacs=2Eco=2Euk

*****************************************************
This communication is confidential and intended for
the exclusive use of the addressee only=2E You should
not disclose its contents to any other person=2E
If you are not the intended recipient please notify
the sender named above immediately=2E

BACS Limited, registered in England, No 1023742,
3 De Havilland Road, Edgware, Middlesex, HA8 5QA
*****************************************************