On Wed, 18 Aug 2010 01:39:54 +0200 melodra...@online.de wrote: > > There is no harm in having inetd installed, likewise for the other > > daemons. They are for one not started (unless your OS does > > something, which we cannot control anyway), and require root access > > to run. Some programs do get installed as SUID root, like ping > > which require special access when creating ports, but that is it. > > you don't see potential harm in unforeseen situations and in SUID > root? are you only a developer or do you also admin a system. i mean, > do you have some experience with administration? is the simple rule > 'do not leave stuff on the system that isn't needed and potentially > dangerous!' known to you? there is a simple reason for this rule. > shit happens! possibly because of oneself. possibly through the > browser. one never knows. is the firewall set correctly? are ports > left open? things can be checked, but the one who can start a daemon > on your system can possibly also open ports!
just an appendix from wikipedia: Security concerns While the inetd concept as a service dispatcher is not inherently insecure, the long list of services that inetd traditionally provided gave computer security experts pause. The possibility of a service having an exploitable flaw, or the service just being abused, had to be considered. Unnecessary services were disabled and "off by default" became the mantra. It is not uncommon to find an /etc/inetd.conf with almost all the services commented out in a modern Unix distribution. best wishes, MeloDramus <melodra...@online.de>
