On 17-2-2020 08:02, Borja Marcos wrote:
On 14 Feb 2020, at 19:18, Ed Maste <ema...@freebsd.org> wrote:
Upstream OpenSSH-portable removed libwrap support in version 6.7,
released in October 2014. We've maintained a patch in our tree to
restore it, but it causes friction on each OpenSSH update and may
introduce security vulnerabilities not present upstream. It's (past)
time to remove it.
There’s no way to fight it? I know it’s an old program (first time I used it
was back in 1992 or so!)
but it’s really convenient and easy to use.
I remember porting it to Apollo Domain OS with Wietse Venema when we both
worked at Eindhoven University. And Wiestse was complaining that PID
were not
unique and sequential.
So my guess would be that its origin lies somewhere around 1986-1988..
At that time TCPwrappers was a good part of security, since firewall
and likes
were close to hard to get and/or unavailable. But in current times
there usually
are better ways to fix things, but I guess that all use something of a
firewall
be it ipfw of pf. (using both sshguard, fail2ban or portsentry)
So it'll be said to see it go, but I guess it has served its purpose.
--WjW
_______________________________________________
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
