Re: D-bus integration

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Given the most recent security scare with distribution-patched sshd having
a backdoor because it indirectly linked to xz, I'd expect sentiment to be
strongly against adding any integrations.

While there is some utility to what you are suggesting, maybe it makes more
sense to split apart the fail2ban log parsing from its jail functionality
and use it to parse logs onto D-bus. Let's keep sshd as simple and secure
as it can be.

--Gregory

On Thu, Apr 11, 2024 at 05:01:37PM +0200, Krzysztof Kowalski wrote:
> Dear OpenSSH developers,
> 
> 
> I was looking at the fail2ban project and had an idea that instead of
> parsing log files it could be possible to notify interested parties (like
> fail2ban) via (for instance) D-bus about a failed login attempt.
> 
> Other application could also use this protocol to notify about suspect
> behaviors. A central functionality will allow for other (new) projects to
> integrate without much effort.
> 
> What do you think?
> 
> 
> Best regards
> 
> Krzysztof Kowalski
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> 
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux