Re: heads up: tcpwrappers support going away

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Apr 23 08:34, Alex Bligh wrote:
> 
> On 22 Apr 2014, at 23:31, James Cloos wrote:
> 
> >>>>>> "DM" == Damien Miller <djm@xxxxxxxxxxx> writes:
> > 
> > DM> This is an early warning: OpenSSH will drop tcpwrappers in the next
> > DM> release.
> > 
> > This will need a wider announcement.  Most auto-block solutions I've
> > looked at add entries to hosts.allow.
> 
> +1. Denyhosts suddenly stopping working is not a great plan.

Indeed.  The problem here is not that no replacement methods exist
(though I'm not so sure how to do that on Windows, I admit), the problem
is that you're leaving users hanging in the rain.

Assuming you're updating your Linux distro.  You're using tcp_wrappers
in conjunction with OpenSSH for years.  The distro update comes with
OpenSSH 6.7, now without tcp_wrappers support.  But the OpenSSH update
is just one updated package of several hundreds or thousands.  How
many users will not even get the information that their tcp_wrappers
installation doesn't work anymore?

tcp_wrappers might be an old concept, but simply pulling the plug and
removing the few lines required to support it seems a bit heavy-handed
considering what effect this may have.


Corinna

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat

Attachment: pgp5R6VTpWR9t.pgp
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux