Subject: Re: inetd.conf [ CVS commit: basesrc]
To: None <>
From: Herb Peyerl <>
List: tech-net
Date: 06/06/2000 08:26:37
Bill Sommerfeld <>  wrote:
 > Leaving things turned on in inetd.conf by default is worse than what
 > we have now from a security standpoint.  Most security compromises
 > i've seen come from unneeded services (e.g., breakins through imapd on
 > linux boxes which didn't have any reason to receive mail).

We ship with an empty root pw.  I'm not sure how much less secure you can
get out of the box...

I think it's clear that users are expected to do _some_ configuration 
when they open the box... If we ship with "INETD=no" and they want to 
turn it on, then they should also configure it... Just like you have
to configure sendmail when you turn it on too.