Maybe it's time to get rid of tcpwrappers/tcpd?
Rex Dieter
rdieter at math.unl.edu
Sat Mar 22 16:39:23 UTC 2014
Jóhann B. Guðmundsson wrote:
> So here's the thing daemons and applications are inconsistent in their
> support for libwrap like for example sshd supports it while smbd does
> not which leads to incorrect configuration and administrative
> expectation which in itself poses a security risk.
I don't buy that argument.
In particular, don't let perfect be the enemy of good, ie, if libwrap isn't
perfect => get rid of it, isn't a logical conclusion here (for *this*
particular reason at least).
-- Rex
More information about the devel
mailing list