There is already a precedent for allowing users to use drop-in replacements for certain network daemons by specifying the path to the daemon in rc.conf. Examples include the ${ntpdate_program} and ${xtnpd_program} variables that are used in /etc/rc.network.
Wietse Venema has for some time had a replacement portmapper that uses libwrap to control access using hosts.allow. It doesn't protect the daemons, but it can help disguise what RPC services you are running. I'm suggesting to have rc.network use a ${portmap_program} variable, with a suitable default in /etc/defaults/rc.conf of "/usr/sbin/portmap". Any comments appreciated. -- j. James FitzGibbon ja...@ehlo.com EHLO Solutions Voice/Fax (416)410-0100 To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-current" in the body of the message