Date: Thu, 17 Sep 2020 12:58:22 -0700 From: Pete Wright <pete@nomadlogic.org> To: Ian Lepore <ian@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: Deprecating ftpd in the FreeBSD base system? Message-ID: <5e9effdf-0fc6-5c3c-3d40-19f7a528fa3e@nomadlogic.org> In-Reply-To: <20200917194941.GY4213@funkthat.com> References: <CAPyFy2BHki84KuzP94AqTLk7v9FTAnLP-sa4HaFLq0kdxt0dEQ@mail.gmail.com> <202009171404.08HE4fZj007939@slippy.cwsent.com> <CALH631n=MEvoS%2B3qOo9nM6-VXYW85jVxv1ih1w=7kfW6E0feag@mail.gmail.com> <4d2c3d9dd633ed9a264cf3675dcbb4386f11ada3.camel@freebsd.org> <20200917194941.GY4213@funkthat.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/17/20 12:49 PM, John-Mark Gurney wrote: > Ian Lepore wrote this message on Thu, Sep 17, 2020 at 09:01 -0600: >> On Thu, 2020-09-17 at 18:43 +0400, Gleb Popov wrote: >>> On Thu, Sep 17, 2020 at 6:05 PM Cy Schubert < >>> Cy.Schubert@cschubert.com> >>> wrote: >>> >>>> I've been advocating removing FTP (and HTTP) from libfetch as well. >>>> People >>>> should be using HTTPS only. >>>> >>> Isn't this a bit too much? I often find myself in need to download >>> something starting with "http://" or "ftp://" and use fetch for this. >> Indeed, we have products which rely on this ability in libfetch and we >> have to keep supporting them for many many years to come. >> >> I hate it when someone imperiously declares [For security reasons] >> "People should/shouldn't be using ______". You have no idea what the >> context is, and thus no ability to declare what should or shouldn't be >> used in that context. For example, two embedded systems talking to >> each other over a point to point link within a sealed device are not >> concerned about man in the middle attacks or other modern internet >> threats. > And I really dislike when people want to make sure that their unique > case that less than a percent of people would every hit blocks the > security improvements for the majority of people... > > I've given up on a number of security improvements in FreeBSD because > of this attitude... > while i tend to agree with you here - i would say that in this case there is a very large use case where preservation of http is very important to a wide base of users: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html https://cloud.google.com/compute/docs/storing-retrieving-metadata https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service regarding the main topic tho - dropping ftpd from base seems like a good iteration in clearing out cruft from the code base so we can focus on things with much larger user bases. fortunately we have an excellent ports/pkg infrastructure to service this need if it arises. -pete -- Pete Wright pete@nomadlogic.org @nomadlogicLA
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5e9effdf-0fc6-5c3c-3d40-19f7a528fa3e>