[ale] Which /etc/services to allow for secure web browsing & email ?
Michael H. Warfield
mhw at WittsEnd.com
Sat Dec 20 15:31:32 EST 2008
On Sat, 2008-12-20 at 11:48 -0500, Courtney Thomas wrote:
> My services file has thousands of entries. I assume those
> without # at the beginning are enabled.
No. Not correct. /etc/services is merely a lookup file mapping
service names to well known port numbers and protocols. It, in and of
itself, doesn't enable anything. Sort of like what the /etc/hosts file
does for looking up systems.
> What I was thinking was to make a copy of it and edit out almost everything
> or
> possibly better yet,.... create a new minimized one rather than trying to
> digest
> the myriad entries .
> What minimum should remain to permit secure web browsing and email ?
Highly recommended that you do not go down this road or every service
that uses getservicebyname() may potentially be broken. Do not do this.
> What services am I overlooking with this idea that would possibly be a
> mistake ?
The file doesn't do what you think it does therefore you don't
understand the function of the file thus making tampering with it a
mistake.
> Appreciatively,
> Courtney
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20081220/a21d524b/attachment.bin
More information about the Ale
mailing list