IRC logs of #tryton for Thursday, 2013-05-02

chat.freenode.net #tryton log beginning Thu May 2 00:00:03 CEST 2013
Pilou	cedk: about the LoginAttempt feature. This feature doesn't prevent brute force attacks (it blocks brute force attacks which use Tryton client or proteus ;). Sample bash script: http://pastebin.com/SmzKXKuv	12:00
cedk	Pilou: yes	12:06
cedk	Pilou: it blocks brute force attacks using any tools	12:07
Pilou	bash isn't a tool ;) ?	12:07
cedk	Pilou: did not yet read because pastebin is so slow	12:09
Pilou	http://pastebin.ca/2371472	12:09
cedk	Pilou: yes the sleep must be done in all cases	12:13
Pilou	Would you allow the addition of an option (disabled by default) which disable LoginAttempt behavior ?	12:21
cedk	Pilou: no	12:21
cedk	Pilou: I will always be by default against any new option	12:21
lids	imho it's not tryton's job to handle such an issue	12:22
lids	user acount will get locked too easily if the sleep is triggered before the login	12:23
lids	so you will add login attempts by ip.. fail2ban does that better	12:24
cedk	lids: I doubt fail2ban manage Tryton protocol	12:24
lids	it's a matter of writing a regexp that match login's failure, it's really easy	12:25
cedk	lids: for me, it is plenty tha job of trytond to secure the login	12:28
lids	of course, but we have to do it the right way.. as openssh let's third parties software handle this case, i think we can do the same with tryton	12:41
cedk	lids: still no valid reason	12:44
plantian	If I want to deactivate a product, should I deactivate the product.product and then the product.template or do I just need to do one of them?	21:24
cedk	plantian: if you do only on product the template will still be available	22:37
plantian	cedk: okay, is it likely that deactivating the template of a product unsets the code when viewing the product? Like when I view the inactive product.	22:44
cedk	plantian: don't understand	22:47

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!