[7720] in Release_7.7_team
Re: flag day for fingerd
daemon@ATHENA.MIT.EDU (Benjamin Kaduk)
Thu Feb 9 01:19:48 2012
Date: Thu, 9 Feb 2012 01:19:44 -0500 (EST)
From: Benjamin Kaduk <kaduk@MIT.EDU>
To: Jonathan Reed <jdreed@MIT.EDU>
cc: release-team@MIT.EDU
In-Reply-To: <09754CA6-F1E0-4C9D-A0C0-0F5D4E7ABCD1@mit.edu>
Message-ID: <alpine.GSO.1.10.1202090115000.882@multics.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Tue, 7 Feb 2012, Jonathan Reed wrote:
> Let's plan on cutting off fingerd in the clusters at some point soon.
> Let's pick March 1 (Thurs) because why not. I would like to accomplish
> this by simply punting fingerd from the metapackages, and sending mail
> to debathena-announce saying "If you want to run a fingerd, install the
> package yourself".
>
> People should speak up with objections to this.
Sorry for the delay in responding.
I wasn't at the meeting where this issue was covered previously, but I was
rather under the impression that there was not really a resolution about
whether we were okay having unstaffed clusters with no fingerds running.
Geoffrey had come up with the possibility of restricting which IPs can
communicate with fingerd via xinetd configuration, which (if it proves
fruitful) seems quite reasonable to me as a way to prevent abusive
behavior. I personally would feel uncomfortable just turning off fingerd,
and would like to pursue this option in more detail.
-Ben
P.S. (I'm still not sure whether it's worth meeting tomorrow.)
