[892] in linux-security and linux-alert archive
Re: [linux-security] Re: You wouldn't believe it...
daemon@ATHENA.MIT.EDU (Fabrizio Giudici)
Wed Jul 10 18:35:01 1996
Date: Wed, 10 Jul 1996 23:51:54 +0200
From: Fabrizio Giudici <fritz@dibe.unige.it>
To: linux-security@tarsier.cv.nrao.edu
Jon Lewis wrote:
>
> [snip]
>
> slackware based boxes. Anyway, one day a co-worker brings in his
> notebook with pcmcia ethernet, and asks me what's up with this Windows
> server on our network. "What windows server?" It was then that I found
> that by default, Red Hat 3.0.3 set up Samba for me and ran it with /tmp
> world rw. I still don't know Samba, but I assume this is the section of
> config file responsible:
> [snip]
> On a small box such as this one, where the root fs is _the_ fs, a world
> writable (no account needed) exported directory could be a very bad thing.
Writing on /tmp is not as dangerous, but I agree that people should be
warned about it.
My point is that Samba is really a _good_ thing (it resolved many,
many problems in my department) and it is fine that it is automatically
set up; however, Red Hat people should take care of inserting a message
during the installation phase in which they tell the user what kind of
services are automatically available.
But in my opinion the matter is not only Samba nor Red Hat: by default
in /etc/inetd.conf there are other services that are automatically activated
and that the system owner should be aware of. Probably the best thing could be a
dialog box during the installation that shows all available services with a
brief description and allows the user to selectively enable/disable them.
Just my 0.02 cents...
--
.---------------------------------------------------------------------------.
| Fabrizio Giudici, PhD Student (fritz@dibe.unige.it) | Style distinguishes |
| WWW-PAGE: http://tomcat.dibe.unige.it/~fritz/ | excellence from |
| PHONE: +39 10 3532192 / 3532174 / 3532897 | accomplishment. |
| FAX: +39 10 3532175 `---------------------|
| Dept. of Biophys. and Elect. Eng. (DIBE), University of Genoa - ITALY |
`---------------------------------------------------------------------------'
All expressed opinions are personal and not of the organization I work for.
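
Added example, not part of the original message: a small audit a system owner can run to see which services an inetd.conf turns on, which are commented out, and which enabled ones run as root. The function names and the sample file are constructed for illustration; on a real host, pass /etc/inetd.conf to `inetd_report`.

```shell
#!/bin/sh
# Entry layout: service socket_type protocol wait-flag user server_program [args...]

inetd_report() {
    awk '
        {
            line = $0
            state = "enabled"
            # A leading "#" may hide a disabled entry: strip it and re-check the shape.
            if (line ~ /^[ \t]*#/) {
                sub(/^[ \t]*#+[ \t]*/, "", line)
                state = "disabled"
            }
            n = split(line, f)
            # Keep only lines shaped like a service entry; ordinary comments are skipped.
            if (n < 6) next
            if (f[2] !~ /^(stream|dgram|raw|rdm|seqpacket)$/) next
            if (f[4] !~ /^(wait|nowait)/) next
            split(f[5], u, /[.:]/)          # user may be written as user.group
            note = (state == "enabled" && u[1] == "root") ? " runs-as-root" : ""
            printf "%s %s/%s user=%s server=%s%s\n", state, f[1], f[3], u[1], f[6], note
        }
    ' "$1"
}

# Constructed sample input, not taken from any real installation.
sample_inetd_conf() {
    cat <<'EOF'
# constructed sample inetd.conf
ftp          stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet       stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#finger      stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
netbios-ssn  stream  tcp  nowait  root    /usr/sbin/smbd  smbd
# talk is disabled
EOF
}

tmp=$(mktemp)
sample_inetd_conf > "$tmp"
inetd_report "$tmp"
rm -f "$tmp"
```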