There is already a precedent for allowing users to use drop-in replacements
for certain network daemons by specifying the path to the daemon in rc.conf.
Examples include the ${ntpdate_program} and ${xtnpd_program} variables that
are used in /etc/rc.network.
Wietse Venema has for some time had a replacement portmapper that uses
libwrap to control access using hosts.allow. It doesn't protect the
daemons, but it can help disguise what RPC services you are running.
I'm suggesting to have rc.network use a ${portmap_program} variable, with a
suitable default in /etc/defaults/rc.conf of "/usr/sbin/portmap".
Any comments appreciated.
--
j.
James FitzGibbon ja...@ehlo.com
EHLO Solutions Voice/Fax (416)410-0100
To Unsubscribe: send mail to majord...@freebsd.org
with "unsubscribe freebsd-current" in the body of the message
