From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from u2.inri ([107.191.125.208]) by pp; Thu May 21 15:29:47 EDT 2015
Date: Thu, 21 May 2015 15:29:14 -0400
From: sl@9front.org
To: 9front@9front.org
Subject: Re: [9front] proposal: disable most of /rc/bin/services/tcp* by default
Message-ID: <36bcd55437236b8f83f0db473afacd9f@u2.sfldmibb.det.wayport.net>
List-ID: <9front.9front.org>
X-Glyph: ➈
X-Bullshit: lossless virtual table-oriented cloud
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

> but if someone want to exhaust your tcp connections they can do
> that with any service that accepts connections.

Yes, of course. And any valid user on the system can make things go
wrong in a huge number of ways (like your example: running malicious
services on any port that is not already being used).


> anyway, i'm fine with less services listening by default if
> that fixes the robot scanner problem for them.

Okay.

What about having hg track /sys/lib/dist/rc/bin/service instead of
/rc/bin/service?

sl