[blfs-book] r10485 - trunk/BOOK/postlfs/security

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Tue Jul 31 18:32:09 PDT 2012


Author: bdubbs
Date: 2012-07-31 19:32:04 -0600 (Tue, 31 Jul 2012)
New Revision: 10485

Modified:
   trunk/BOOK/postlfs/security/tcpwrappers.xml
Log:
Remove obsolete instructions in tcpwrappers


Modified: trunk/BOOK/postlfs/security/tcpwrappers.xml
===================================================================
--- trunk/BOOK/postlfs/security/tcpwrappers.xml	2012-07-31 23:44:40 UTC (rev 10484)
+++ trunk/BOOK/postlfs/security/tcpwrappers.xml	2012-08-01 01:32:04 UTC (rev 10485)
@@ -4,7 +4,7 @@
   <!ENTITY % general-entities SYSTEM "../../general.ent">
   %general-entities;
 
-  <!ENTITY tcpwrappers-download-http "http://files.ichilton.co.uk/nfs/tcp_wrappers_&tcpwrappers-version;.tar.gz">
+  <!ENTITY tcpwrappers-download-http " ">
   <!ENTITY tcpwrappers-download-ftp  "ftp://ftp.porcupine.org/pub/security/tcp_wrappers_&tcpwrappers-version;.tar.gz">
   <!ENTITY tcpwrappers-md5sum        "e6fa25f71226d090f34de3f6b122fb5a">
   <!ENTITY tcpwrappers-size          "97 KB">
@@ -31,7 +31,9 @@
 
       <para>The <application>TCP Wrapper</application> package provides daemon
       wrapper programs that report the name of the client requesting network
-      services and the requested service.</para>
+      services and the requested service.  This capability is obsolete in 
+      a modern environment, but several applications still use the library
+      and associated configuration files.</para>
 
     &lfs70_checked;
 
@@ -114,7 +116,7 @@
       <indexterm zone="tcpwrappers tcpwrappers-config">
         <primary sortas="e-etc-hosts.deny">/etc/hosts.deny</primary>
       </indexterm>
-
+<!--
       <para>File protections: the wrapper, all files used by the wrapper,
       and all directories in the path leading to those files, should be
       accessible but not writable for unprivileged users (mode 755 or mode
@@ -137,7 +139,7 @@
       <note>
         <para>The <command>finger</command> server is used as an example here.</para>
       </note>
-<!--
+
       <para>Similar changes must be made if <application>xinetd</application> is
       used, with the emphasis being on calling <command>/usr/sbin/tcpd</command>
       instead of calling the service daemon directly, and passing the name of the




More information about the blfs-book mailing list