Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!howland.erols.net!news.mathworks.com!fu-berlin.de!irz401!orion.sax.de!uriah.heep!news From: j@uriah.heep.sax.de (J Wunsch) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Tcp_wrappers won't work! Date: 20 Oct 1996 15:34:31 GMT Organization: Private BSD site, Dresden Lines: 27 Message-ID: <54dgq7$3gs@uriah.heep.sax.de> References: <548avr$184@news.ox.ac.uk> <01bbbd62$271bd240$32498796@rc6855.rescomp.arizona.edu> <549hup$l92@dewey.udel.edu> <54a3h1$o12@news.ox.ac.uk> Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) NNTP-Posting-Host: localhost.heep.sax.de Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Newsreader: knews 0.9.6 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Neil Long <neil.long@materials.oxford.ac.uk> wrote: > Well, every system I use tcp_wrappers on has the deny/allow in /etc. > It is common to nfs mount /usr/local on many systems and putting such > a critical system security file at the mercy of nfs mount attacks is > not sensible IMHO. If you are NFS, you will probably make your /usr/local/etc a symlink to e.g. /etc/local/ anyway (and provide for a shadow symlink in your /usr partition that is visible until the NFS mount of /usr/local is complete). Jerry was right that the default policy for any port is to not touch the base system, but install everything under /usr/local/ (or under /usr/X11R6/ for an X11 port). > The packaged version needs a README or something as the man pages are > still pointing to /etc. Submit this to the maintainer of the port. Most prefered with a fix. :) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)