Does fail2ban have authorization to write firewall rules? That's a high-impact v... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		wolverine876 on Oct 7, 2023 \| parent \| context \| favorite \| on: Fail2Ban Does fail2ban have authorization to write firewall rules? That's a high-impact vector of attack, should fail2ban have a vulnerability. Also, does fail2ban store credentials that provide that authorization?

inferiorhuman on Oct 7, 2023 | [–]

Yes, no.

dizhn on Oct 7, 2023 | [–]

It runs as root.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact