On Sun, Apr 08, 2001 at 01:04:26PM -0700, Tyrin Price wrote: > * Robert Voigt <[EMAIL PROTECTED]> [08Apr01 19:07 +0200]: > > I put the line > > ALL: ALL > > in /etc/hosts.deny and tried to mount a directory on this machine from > > another one, just to see if it actually denies access to all other hosts. > > /etc/hosts.allow is empty. But I could still mount and access files. What's > > wrong here? > > These access control files only work for those services run from inetd
this is not true, any service compiled with libwrap will also use hosts.{allow,deny} such packages include openssh, mountd, statd, portmap, and afpd. all of these use and respect /etc/hosts.{allow,deny} without being run from inetd > ... nfs uses portmap. I bet you don't have the portmapper wrapped. yes he does, portmap in debian uses tcpwrappers without being run from inetd (which is impossible for portmap). -- Ethan Benson http://www.alaska.net/~erbenson/
pgpR1nBRCezhg.pgp
Description: PGP signature