> > What do you think? Do you rely on hosts.allow/hosts.deny a primary security > mechanism? As defense-in-depth? Do you have policies which mandate it? > > Your feedback appreciated. Thanks! > > > * and the standard caveats that Fedora doesn't necessarily determine the > path for RHEL apply, of course. > I'll try to keep my response as free from whining and gnashing of teeth as that seems to be well covered by many others. where I work uses it now, I've been at places that while I can't recall there being a specific mandate for tcp wrappers, they had really stupid 'must have' requirements (like root's home has to be mode 700. which while fine, good, great even on standard linux systems is less than helpful on standard older releases of solaris where root has / as a home dir), so I can imagine they could have that. I like the notion of keeping it around and having someone take over the maint work would be great, but I can understand why it might be good to retire, and I'm pretty sure I'd adapt (possibly moving to the route of building my own from source if I -really- decided I had to have it, although life is much easier when the libs are blown into the daemons directly) -- Even the Magic 8 ball has an opinion on email clients: Outlook not so good.