On Sun, Apr 08, 2001 at 01:04:26PM -0700, Tyrin Price wrote: > * Robert Voigt <[EMAIL PROTECTED]> [08Apr01 19:07 +0200]: > > I put the line > > ALL: ALL > > in /etc/hosts.deny and tried to mount a directory on this machine from > > another one, just to see if it actually denies access to all other hosts. > > /etc/hosts.allow is empty. But I could still mount and access files. What's > > wrong here? > > These access control files only work for those services run from inetd
this is not true, any service compiled with libwrap will also use
hosts.{allow,deny} such packages include openssh, mountd, statd,
portmap, and afpd. all of these use and respect
/etc/hosts.{allow,deny} without being run from inetd
> ... nfs uses portmap. I bet you don't have the portmapper wrapped.
yes he does, portmap in debian uses tcpwrappers without being run from
inetd (which is impossible for portmap).
--
Ethan Benson
http://www.alaska.net/~erbenson/
pgpR1nBRCezhg.pgp
Description: PGP signature
