IRC logs of #tryton for Thursday, 2013-05-02

chat.freenode.net #tryton log beginning Thu May 2 00:00:03 CEST 2013
Piloucedk: about the LoginAttempt feature. This feature doesn't prevent brute force attacks (it blocks brute force attacks which use Tryton client or proteus ;). Sample bash script: http://pastebin.com/SmzKXKuv12:00
cedkPilou: yes12:06
cedkPilou: it blocks brute force attacks using any tools12:07
Piloubash isn't a tool ;) ?12:07
cedkPilou: did not yet read because pastebin is so slow12:09
Pilouhttp://pastebin.ca/237147212:09
cedkPilou: yes the sleep must be done in all cases12:13
PilouWould you allow the addition of an option (disabled by default) which disable LoginAttempt behavior ?12:21
cedkPilou: no12:21
cedkPilou: I will always be by default against any new option12:21
lidsimho it's not tryton's job to handle such an issue12:22
lidsuser acount will get locked too easily if the sleep is triggered before the login12:23
lidsso you will add login attempts by ip.. fail2ban does that better12:24
cedklids: I doubt fail2ban manage Tryton protocol12:24
lidsit's a matter of writing a regexp that match login's failure, it's really easy12:25
cedklids: for me, it is plenty tha job of trytond to secure the login12:28
lidsof course, but we have to do it the right way.. as openssh let's third parties software handle this case, i  think we can do the same with tryton12:41
cedklids: still no valid reason12:44
plantianIf I want to deactivate a product, should I deactivate the product.product and then the product.template or do I just need to do one of them?21:24
cedkplantian: if you do only on product the template will still be available22:37
plantiancedk: okay, is it likely that deactivating the template of a product unsets the code when viewing the product?  Like when I view the inactive product.22:44
cedkplantian: don't understand22:47

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!