Bringing back tcp wrappers

Saint Michael venefax at gmail.com
Thu Jun 24 03:31:04 AEST 2021


any external app can be down at any time, while openssh remains active and
exposed, BUT libwrap is baked into openssh, so the protection will hold.
Libwrap is the last line of defense. Why remove it?

On Wed, Jun 23, 2021 at 1:01 PM Lars Noodén <lars.nooden at gmx.com> wrote:

> On 6/23/21 5:54 PM, Saint Michael wrote:
> > I compiled the latest version, 8.1, inside Centos 7.9, and
> [snip]
>
> What use-case would there be there for tcpwrappers that cannot be better
> solved with a packet filter?  In the case of CentOS 7 you have nftables
> and iptables.
>
> /Lars
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>


More information about the openssh-unix-dev mailing list