Re: Maybe it's time to get rid of tcpwrappers/tcpd?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On Mar 20, 2014, at 12:31 PM, Martin Langhoff <martin.langhoff@xxxxxxxxx> wrote:

On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote:
I wonder whether it wouldn't be time to say goodbye to tcpwrappers in
Fedora. There has been a request in systemd upstream to disable support

As Stephen points out, they are used. Does systemd+xinetd match their functionality?

cheers,


m

I have to say that there are certain out-of-the-box services that it’s nice to be able to block access at the application-level, which would be hard to do at the transport or network layer.

RPC-based services being the most obvious, but also things like FTP or TFTP or VNC or X that don’t always have port numbers that are easily expressed…  Then there’s filtering on DNS hostname suffixes, etc… NIS+ membership...

I’m fine with seeing systemd being decoupled from them, but I’d like to see legacy services continue to work with tcpwrappers (libwrap).

-Philip


-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux