[Multiple messages quoted here.]

> Maybe we could get away with an extra comment next to the portmap=
> entry, plus the syslogged WARNING on boot if one of the other flags
> enables portmap?

> I really, really object to it starting portmap unless it's been
> specifically requested.  [...default to more-secure...]

> 	Proposal:
> 	    - If any portmap dependent service is enabled without
> 	      portmap, syslog a big warning, and disable service.
> 	    - Add a comment in rc.conf by each portmap dependent
> 	      service to the effect it needs portmap enabled.

I am leery of anything that automatically enables or disables anything
based on anything else.  I don't see why we should make it impossible
to run (say) the NFS server without portmap if that's what the admin
has configured.  (A warning I have no problem with, though a nice frill
might be a way to tell it "yes, I know I configured it that way and
that's how I want it, shut up".)

"UNIX doesn't stop you from doing stupid things because that would also
stop you from doing clever things."  I don't know what those clever
things might be in this case, but I'm sure they're lurking somewhere,
waiting for someone to discover them.

I guess it's a question of when it gets to the point of being unusual
enough that we don't mind telling people "if you want to do that, go
hack on /etc/rc".

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B