On Tuesday 21 January 2003 11:50, Martin Hepworth wrote:
>Kang, James wrote:
>> They don't want to run xinetd.
>> Is amandad capable of running "stand-alone" mode?
>> Please understand I am not trying to argue against your "default
>> xinetd mode" solution with the latest xinetd.
>>
>> James
>
>There are alot of security policies out there that state - no
> (x)inetd on servers. Would be nice if we could at least run
> amanda on the clients without running an inetd varient.

See my other reply to James Kang.  xinetd was originally built to 
address the perceived security concerns some folks had about inetd, 
(or at least thats what RedHat told us at the time they switched) 
and has had several updates since it first came out at about rh7.0 
IIRC.  As to the relative "security" either method has, I'll let 
the real folks, the ones who post to the bugtrack list I'm also 
subscribed to, have the final judgement, but I've not heard of any 
*real world* exploits against it in months.

Software is a dynamic thing in those cases, and when the security 
concerns have seemingly been met, then it should be time to review 
the policy, which really should be just as dynamic as the software 
its applied to.

Carving it in stone because someone heard a rumor 2 years ago is 
needlessly crippling our ability to "get the job done", and makes 
it very difficult for them to have their cake and eat it at the 
same time.

Bear in mind that in the real world, I'm only an expert in tv 
broadcasting, not network security.  Besides, to be an expert you 
have to be 50 miles from home and carrying a briefcase, I'm 
neither. :-)

If you like to ski, come to WV, we have plenty of snow now.  
Volunteer shovelers needed. :)

-- 
Cheers, Gene
AMD K6-III@500mhz 320M
Athlon1600XP@1400mhz  512M
99.22% setiathome rank, not too shabby for a WV hillbilly

Reply via email to