On 23 April 2014 10:21, Morham <opensshdev@xxxxxxxxxxx> wrote: ... > I realise that these maintenance tasks are mostly unpaid and thankless, > and such recommendations are no doubt unwelcome as addition burdens, but > this *IS* ssh we're talking about. > > I don't know about others in the Linux/BSD-server-sphere, but aside from > only DNS, I cannot think of a single thing I expect to work "perfectly" > let alone "securely", hundreds of times per day. To me, it's more > important than httpd. [Re-replying to the list, finger trouble.] Agreed; but to me that's why the developers' willingness to prune potentially dangerous features, even when it's likely to cause controversy, is so valuable. I wish it were more common. For those that rely on llibwrap, or for distros who want to support it for their users, the option exists to patch it back in. I doubt it would be at all difficult to do. Hopefully, some will decide instead that the reasons given above for not using libwrap are pretty convincing, and that maybe they or their users will be better served by doing something else. -André _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
