Maybe it's time to get rid of tcpwrappers/tcpd?
Lennart Poettering
mzerqung at 0pointer.de
Thu Mar 20 18:45:32 UTC 2014
On Thu, 20.03.14 14:31, Martin Langhoff (martin.langhoff at gmail.com) wrote:
> On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering <mzerqung at 0pointer.de>wrote:
>
> > I wonder whether it wouldn't be time to say goodbye to tcpwrappers in
> > Fedora. There has been a request in systemd upstream to disable support
> >
>
> As Stephen points out, they are used. Does systemd+xinetd match their
> functionality?
No. systemd is not a firewall. It currently supports libwrap checks for
socket activated services. And I'd really like to get rid of that...
I have no doubt that some people use them, however I am also pretty sure
that they are massively awful, and not worth the trouble, and that I'd
prefer not to see this crap in the default install. However, since the
library is currently hooked into a lot of services (starting with
systemd itself) I currently cannot do "rpm -e".
I mean, I really don't mind that tcpd/tcpwrap stays in the archives, if
people want to make use of that. I am simply proposing to not link
agains them anymore for everything that is in the default system.
Lennart
--
Lennart Poettering, Red Hat
More information about the devel
mailing list