> The TCP wrapper package is not a total solution since, from my
> understanding, the tcp wrapper only works when the service is
> started, not once it is running. This leaves your with hole
> on processes that get stated and then hang around. Things
> like rpc.mountd, ypserv, tftpd, etc. This may have changed in
> later releases of the the wrappers since I don't have the
> current version docs open and am working from memory which is
> dealing with the older versions.
> Good point. rpc.mountd can be started from inetd, but I don't know how
> long it hangs around. I also don't know how TCP calls to it are
> handled in that case; the inetd.conf file here only shows a UDP entry.
If you change the 'wait' to 'nowait' in inetd.conf, won't the service be
invoked at every call to mountd? I've always assumed ( maybe incorrectly )
that mountd only used rpc/udp, and didn't need a 'TCP' entry. If I'm
wrong, I'd appreciate hearing about it...
Computer Engineer, SAIC