Hylafax Mailing List Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
Re: [hylafax-users] some general security hints?
Hi, I found an answer to my own question :)
> Is there a way to make hfaxd authenticate
> against an identd (113/tcp) username rather than against the one delivered
> in protocol? I could do it with tcp_wrappers, but I don't know how to wrap
> hfaxd. Any hints?
Here's my /etc/xinetd.d/hylafax file (for use with xinetd):
service hylafax
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/hfaxd
server_args = -d
log_on_success += HOST DURATION USERID
log_on_failure += HOST USERID
disable = no
}
Make sure that you have identd running (port 113) and then put the following
line into hosts.allow:
hfaxd: root@xxxxxxxxx
and this one into hosts.deny:
hfaxd:ALL
This way only the root user will be able to connect to hfaxd, for example in
order to submit a fax. Tested on Redhat Linux 9.
regards,
Michal Rok
____________________ HylaFAX(tm) Users Mailing List _______________________
To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
On UNIX: mail -s unsubscribe hylafax-users-request@xxxxxxxxxxx < /dev/null
*To learn about commercial HylaFAX(tm) support, mail sales@xxxxxxxxx*