From owner-freebsd-stable@freebsd.org  Sat Apr  3 21:22:01 2021
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4AB8B5BFD01
 for <freebsd-stable@mailman.nyi.freebsd.org>;
 Sat,  3 Apr 2021 21:22:01 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4FCVHD35Qgz3D9v;
 Sat,  3 Apr 2021 21:22:00 +0000 (UTC)
 (envelope-from eugen@grosbein.net)
Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5])
 by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id 133LLlBI040184
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Sat, 3 Apr 2021 21:21:51 GMT (envelope-from eugen@grosbein.net)
X-Envelope-From: eugen@grosbein.net
X-Envelope-To: emaste@freebsd.org
Received: from [10.58.0.10] (dadvw [10.58.0.10])
 by eg.sd.rdtc.ru (8.16.1/8.16.1) with ESMTPS id 133LLgbb088455
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT);
 Sun, 4 Apr 2021 04:21:42 +0700 (+07)
 (envelope-from eugen@grosbein.net)
Subject: Re: Deprecating base system ftpd?
To: Ed Maste <emaste@freebsd.org>,
 freebsd-stable stable <freebsd-stable@freebsd.org>
References: <CAPyFy2AbP2X339zbemZ9Y8edjNKdyygnR9mH48Q78nxwDtOBAg@mail.gmail.com>
From: Eugene Grosbein <eugen@grosbein.net>
Message-ID: <eda59707-46cf-d7c1-512e-39a141cfda61@grosbein.net>
Date: Sun, 4 Apr 2021 04:21:26 +0700
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CAPyFy2AbP2X339zbemZ9Y8edjNKdyygnR9mH48Q78nxwDtOBAg@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=0.3 required=5.0 tests=BAYES_00,LOCAL_FROM,
 NICE_REPLY_A,SPF_FAIL,SPF_HELO_NONE autolearn=no autolearn_force=no
 version=3.4.2
X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1%
 *      [score: 0.0000]
 *  0.0 SPF_FAIL SPF: sender does not match SPF record (fail)
 *      [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;
 id=eugen%40grosbein.net; ip=2a03%3A3100%3Ac%3A13%3A%3A5; r=hz.grosbein.net]
 *  0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
 *  2.6 LOCAL_FROM From my domains
 * -0.0 NICE_REPLY_A Looks like a legit reply (A)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net
X-Rspamd-Queue-Id: 4FCVHD35Qgz3D9v
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=fail (mx1.freebsd.org: domain of eugen@grosbein.net does not designate
 2a01:4f8:c2c:26d8::2 as permitted sender) smtp.mailfrom=eugen@grosbein.net
X-Spamd-Result: default: False [-1.10 / 15.00]; RCVD_TLS_ALL(0.00)[];
 R_SPF_FAIL(1.00)[-all]; FREEFALL_USER(0.00)[eugen];
 FROM_HAS_DN(0.00)[];
 RBL_DBL_DONT_QUERY_IPS(0.00)[2a01:4f8:c2c:26d8::2:from];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[];
 MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net];
 ARC_NA(0.00)[];
 SPAMHAUS_ZRD(0.00)[2a01:4f8:c2c:26d8::2:from:127.0.2.255];
 RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 TO_DN_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000];
 RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000];
 FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE];
 SUBJECT_ENDS_QUESTION(1.00)[];
 MAILMAN_DEST(0.00)[freebsd-stable]
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Apr 2021 21:22:01 -0000

04.04.2021 3:39, Ed Maste wrote:

> I propose deprecating the ftpd currently included in the base system
> before FreeBSD 14, and opened review D26447
> (https://reviews.freebsd.org/D26447) to add a notice to the man page.
> I had originally planned to try to do this before 13.0, but it dropped
> off my list. FTP is not nearly as relevant now as it once was, and it
> had a security vulnerability that secteam had to address.
> 
> I'm happy to make a port for it if anyone needs it. Comments?

I'm strongly against remove of stock ftpd. FTP is fastest protocol for both testing
and daily file transfer for trusted isolated segments, and even for WAN wrapped in IPSec.

Our stock ftpd has very short backlog of security issues comparing with other FTP server implementations,
mostly linked with libc or other libraries and not with ftpd code itself.

Please don't fix what ain't broken. Please.