dropping tcp_wrapper support
On Tue, Jul 12, 2011 at 11:27 PM, Dave Reisner <firstname.lastname@example.org> wrote:
> I'd like to pick up something Dan proposed about a year ago, which is
> dropping support for tcp_wrappers. Its last official upstream release
> was 1997, and we currently add 10 patches to it from 3 different distros
> in order to make it compile, fix bugs, and add features (ipv6). We also
> add in an odd default of ALL: ALL in the config file, meaning that the
> first thing most people do on a new arch system is add a line to
> /etc/hosts.allow along the lines of 'sshd: ALL' (or just delete the
> blanket deny. To my knowledge, there isn't anything tcp_wrappers does
> that iptables can't do more eloquently, and without the need to be
> linked against an external library.
> Therefore, I'd like to propose that we just dump this. The rebuild list
> would be small, at 20 packages:
> Is there any pressing reason to hang onto this aging library?
I support this.