Re: CDE Without ToolTalk?
From: Crist J. Clark (crist.clark@attbi.com)Date: 09/09/02
- Previous message: Uwe A. P. Wuerdinger: "Re: CDE Without ToolTalk?"
- In reply to: Charles Clancy: "Re: CDE Without ToolTalk?"
- Next in thread: George Capehart: "Re: CDE Without ToolTalk?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 9 Sep 2002 11:52:59 -0700 From: "Crist J. Clark" <crist.clark@attbi.com> To: focus-sun@securityfocus.com
On Sat, Sep 07, 2002 at 03:40:25PM -0500, Charles Clancy wrote:
> > Does anyone have a reference on how to lock down CDE? When asked to
> > "harden" a Sun server, one of the first things to do is go through
> > inetd.conf and take everything out but the basics, or even better, not
> > run inetd at all.
>
> In general, I completely "/etc/init.d/rpc stop". But then again, I don't
> run CDE. With RPC stopped completely, CDE dies. With RPC running only
> portmap and keyserv (nothing in inetd), CDE seems to run alright.
I would like to thank everyone for the responses, I have things
working "okay" for now.
I realized that I already had some boxes running CDE with no ToolTalk,
which confirms what many said. What causes CDE to completely bail out
is _not_ the missing ToolTalk, like the error message says, but rather
the absence of the RPC port mapper. The error message is misleading.
So, although I really don't need to run rpcbind on this particular
box, I can turn it on and CDE runs alright.
Thanks again for all of the responses.
-- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org
- Previous message: Uwe A. P. Wuerdinger: "Re: CDE Without ToolTalk?"
- In reply to: Charles Clancy: "Re: CDE Without ToolTalk?"
- Next in thread: George Capehart: "Re: CDE Without ToolTalk?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
