Maybe it's time to get rid of tcpwrappers/tcpd?
Nicolas Mailhot
nicolas.mailhot at laposte.net
Mon Mar 24 11:48:58 UTC 2014
Le Jeu 20 mars 2014 20:44, Stephen John Smoogen a écrit :
> I am giving you a standard enterprise problem.
I can confirm that thanks to the stability of the config file, tcpwrappers
is widely used here.
IPtables has just started getting some adoption (after years of turf wars
between firewall admin and server admins) but I'm not confident a lot of
projects will really use it (unfortunately, iptables did *not* have
clearly defined configuration rules, so it's a free-for-all a lot of
projects do not want to mess with).
Selinux is the future that will arrive someday when someone dares making
it mandatory (and accepts the inevitable fallout when enterprisey stuff
like Oracle and friends start failing right and left)
I really wish there was less energy spent on what the code looks from the
inside and more than providing stable easy to use user interface. You can
rewrite code twenty times no one will care as long as the interface is
familiar. Break configuration syntax or other interfaces, however, and all
hell breaks loose.
And before someone complains of sysadmin stop energy: Microsoft core fonts
(1996-era stuff) are still in the top #5 sourceforge downloads, despite
being years out of date and unmaintained, and despite the boatloads of
better FLOSS fonts which have been released in the past years. I'm sure
they are still in Fedora install howtos.
THAT's how badly users want human interface stability, be it on the server
or the desktop side.
--
Nicolas Mailhot
More information about the devel
mailing list