> > It would be just as easy for the malicious user to not link > > libtcpwrap.so into their executable. Note: the cure...if you don't want users running a service on another port (they can't run it on a port < 1024...) use iptables to lock down your system. Not only can you restrict what IP access what you can completely block ports...what a novel idea. The only advantage I can think of (maybe I am wrong) of running tcpd is paranoia mode.
-- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/ | gpg --import XP Source Code: #include <win2k.h> #include <extra_pretty_things_with_bugs.h> #include <more_bugs.h> #include <require_system_activation.h> #include <phone_home_every_so_often.h> #include <remote_admin_abilities_for_MS.h> #include <more_restrictive_EULA.h> #include <sell_your_soul_to_MS_EULA.h> //os_over="Windows 2000" os_ver="Windows XP"
