>>>>> "JK" == Jerry Kemp <app.mail.lis...@oryx.cc> writes:
JK> I was unaware that OpenSSH was dropping support for tcpwrappers. It was just discussed on their development mailing list. This comes on the heels of Fedora's discussion of removing tcp_wrappers from the distribution, so I imagine I'll be dropping denyhosts from Fedora in any case. JK> Do you know, is this a firm thing? Or just a possible plan? Well, there was some objection but the developers seem pretty convinced that it needs to go. I don't disagree with them; the tcp_wrappers code is pretty terrible and has been abandoned for something like 17 years. JK> I wonder if there is anything we can do as end users to help reverse JK> this decision. Well, you can carry local patches if you want, spearhead some effort to write some tcp_wrappers-compatible library that isn't so scary from a security standpoint, adapt denyhosts to use some other mechanism (like the host's firewall, which is the proper place to do this), use some other software that still works (fail2ban) or simply fail to adapt and run outdated software. Or I guess you could complain to the openssh developers that you don't want anything to change except their minds and hope they listen to you. I know which direction I'm going. - J< ------------------------------------------------------------------------------ Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform _______________________________________________ Denyhosts-user mailing list Denyhosts-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/denyhosts-user
