OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [suse-security] sendmail etrn
From: sematwawa.eahd.or.ug
Date: Wed Aug 23 2000 - 03:52:06 CDT

> Don't confuse etrn with expn. expn does indeed have security aspects since
> it provides information about deliverable addresses and therefore possible
> local accounts on the system in question.
Yes I know about expn and it is disabled on my machine. But I wondered
about etrn because I just happened to notice that on redhat it was
disabled while on suse it wasn't.
I wonder whether it would not be best if some of these features were
disabled by default such that if lets say next month an exploit were to be
discovered then most users would be safe.
Kind of like the thread I have been seeing about having most things
disabled by default.
>
> Thanks,
> Roman.
> --
> - -
> | Roman Drahtmüller <drahtsuse.de> // "Caution: Cape does |
> SuSE GmbH - Security Phone: // not enable user to fly."
> | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
> - -
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribesuse.com
> For additional commands, e-mail: suse-security-helpsuse.com
>

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com