Intention is to cut down on false positives from enabled "xinetd"
services. These can already be whitelisted manually, but lets assume
that anything installed directly by package manager (RPM) is OK -
either because the RPM already contains an "enabled" service or
because the file is clearly marked as "configurable" (so enabling the
service is somehow an expected action).
Should still complain about weird additions/backdoors, of course.
Log in to post a comment.