From owner-freebsd-stable@freebsd.org Thu Apr 15 01:33:04 2021 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B39D15D8EAE for ; Thu, 15 Apr 2021 01:33:04 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-so.shaw.ca (smtp-out-so.shaw.ca [64.59.136.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FLMKq5D6kz4j2N; Thu, 15 Apr 2021 01:33:03 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.66.148.124]) by shaw.ca with ESMTPA id WqsNlg0dIHmS3WqsPlhrjI; Wed, 14 Apr 2021 19:33:01 -0600 X-Authority-Analysis: v=2.4 cv=MaypB7zf c=1 sm=1 tr=0 ts=607797cd a=Cwc3rblV8FOMdVN/wOAqyQ==:117 a=Cwc3rblV8FOMdVN/wOAqyQ==:17 a=kj9zAlcOel0A:10 a=3YhXtTcJ-WEA:10 a=6I5d2MoRAAAA:8 a=YxBL1-UpAAAA:8 a=EkcXrb_YAAAA:8 a=CblcHAecsDUvexUjKecA:9 a=CjuIK1q_8ugA:10 a=7XECGsRVCcEA:10 a=IjZwj45LgO3ly-622nXo:22 a=Ia-lj3WSrqcvXOmTRaiG:22 a=LK5xJRSDVpKd5WXXoEvA:22 Received: from slippy.cwsent.com (slippy [10.1.1.91]) by spqr.komquats.com (Postfix) with ESMTPS id C082B262; Wed, 14 Apr 2021 18:32:58 -0700 (PDT) Received: from slippy (localhost [127.0.0.1]) by slippy.cwsent.com (8.16.1/8.16.1) with ESMTP id 13F1Ww9w003426; Wed, 14 Apr 2021 18:32:58 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Message-Id: <202104150132.13F1Ww9w003426@slippy.cwsent.com> X-Mailer: exmh version 2.9.0 11/07/2018 with nmh-1.7.1 Reply-to: Cy Schubert From: Cy Schubert X-os: FreeBSD X-Sender: cy@cwsent.com X-URL: http://www.cschubert.com/ To: Cy Schubert cc: Ed Maste , freebsd-stable stable Subject: Re: Deprecating base system ftpd? Comments: In-reply-to Cy Schubert message dated "Mon, 05 Apr 2021 07:44:59 -0700." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 14 Apr 2021 18:32:58 -0700 X-CMAE-Envelope: MS4xfMbdhUIvksB5NYSd5XYymnmZl32za3e9rX8IJsol7YNVb5KPS0nK3KNhce366qzembGP3A5O0ssC7LuhF8p0OhbVGPVUu3O3hoxL7EmEZ21qO5EToTK3 kvLsb+nwjwWcZKYPvtYG/qxCFha1PxwY1XQ3r9p4q2GNpQSJM5BvDsZqiVXo5D4Nx2D6GkhdBvrhQ1C4d3rbSkkZ0+/9pc6WRmceOKvQUpxidPt8GLZaCmu7 Z6C9mIvLxJBaDPAxvWQ1bA== X-Rspamd-Queue-Id: 4FLMKq5D6kz4j2N X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of cy.schubert@cschubert.com has no SPF policy when checking 64.59.136.137) smtp.mailfrom=cy.schubert@cschubert.com X-Spamd-Result: default: False [0.30 / 15.00]; HAS_REPLYTO(0.00)[Cy.Schubert@cschubert.com]; RCVD_VIA_SMTP_AUTH(0.00)[]; MV_CASE(0.50)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RECEIVED_SPAMHAUS_PBL(0.00)[70.66.148.124:received]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[64.59.136.137:from]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6327, ipnet:64.59.128.0/20, country:CA]; FAKE_REPLY(1.00)[]; ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_ENDS_QUESTION(1.00)[]; DMARC_NA(0.00)[cschubert.com: no valid DMARC record]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[64.59.136.137:from:127.0.2.255]; RCVD_IN_DNSWL_LOW(-0.10)[64.59.136.137:from]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_NA(0.00)[no SPF record]; MAILMAN_DEST(0.00)[freebsd-stable] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Apr 2021 01:33:04 -0000 Cy Schubert writes: > In message om> > , Ed Maste writes: > > I propose deprecating the ftpd currently included in the base system > > before FreeBSD 14, and opened review D26447 > > (https://reviews.freebsd.org/D26447) to add a notice to the man page. > > I had originally planned to try to do this before 13.0, but it dropped > > off my list. FTP is not nearly as relevant now as it once was, and it > > had a security vulnerability that secteam had to address. > > I think this is an excellent start. My shopping list includes: > > - remove ftp(1) > - remove ftpd(8) > - remove telnet(1) > - remove telnetd(8) > - remove ftp:// and http:// from libfetch. This is 2021 and we should all > use https://. > - replace DNS lookups with DoH and/or DoT. Why let your ISP see your DNS > traffic? > > > > > I'm happy to make a port for it if anyone needs it. Comments? > > I've started working on splitting ftp and ftpd into an external git repo. > The problem I've encountered is that though only ftp and ftpd are left the > resultant repo is still 1.2 GB. If my last attempt fails, there is a choice > between a 1.2 GB repo and burning ftp forever then the choice is clear: > burn it forever. The best I can do to separate libexec/ftpd out into its own repo is 596 MB (ZFS lz4 compressed). The worst was 1.5 GB. I suppose 596 MB will do. If we want to make it smaller then history will need to take a back seat. We can do a port with it now. -- Cheers, Cy Schubert FreeBSD UNIX: Web: https://FreeBSD.org NTP: Web: https://nwtime.org The need of the many outweighs the greed of the few.