tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: inetd(8): cmdif as builtin



On Fri, Jun 09, 2023 at 08:47:10AM -0400, Mouse wrote:
> 
> In any case, the major issue I would have with it is the lack of
> authentication.  But that's so obvious that I assume you would be doing
> something like requiring a password - or doing it only for AF_LOCAL
> sockets and using LOCAL_PEEREID.  (This is pretty close to what most of
> my pidconn servers do - they use the pidconn analog of LOCAL_PEEREID to
> verify that the client is either root or the same UID the server is
> running as.)
> 

When this was done in last years GSoC it was a AF_LOCAL socket to
control inetd.  I am not sure that inetd having a configuration service
listening on the network is a really good idea - to me, it sounds
dangerous and I am dubious that there are many situations that require
remote configuration of inetd.

-- 
Brett Lymn
--
Sent from my NetBSD device.

"We are were wolves",
"You mean werewolves?",
"No we were wolves, now we are something else entirely",
"Oh"


Home | Main Index | Thread Index | Old Index