Date: Mon, 9 Oct 2017 09:32:36 -0700 (PDT) From: "Rodney W. Grimes" <freebsd-rwg@pdx.rh.CN85.dnsmgr.net> To: Jeremie Le Hen <jlh@freebsd.org> Cc: "Julian H. Stacey" <jhs@berklix.com>, freebsd-arch@freebsd.org Subject: Re: rtools were deemed almost unused 15 years ago... Message-ID: <201710091632.v99GWaUK078853@pdx.rh.CN85.dnsmgr.net> In-Reply-To: <CAGSa5y2Rt_CZW0xQktmoS01zDG65OaveLp%2Bn9tenXJQA4LfSYA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, Oct 4, 2017 at 12:35 PM, Julian H. Stacey <jhs@berklix.com> wrote: > >> Have you picked up the recent changes to the code in your port? > >> > >> ----- Jeremie Le Hen's Original Message ----- > >> > I've slacked a bit but here we are: > >> > https://reviews.freebsd.org/D12573 > >> >=20 > >> > On Sat, Jul 1, 2017 at 12:08 PM, Jeremie Le Hen <jlh@freebsd.org> wrote: > >> > > On Sat, Jun 24, 2017 at 10:29 PM, Jeremie Le Hen <jlh@freebsd.org> wrot= > >> e: > >> > >> So the first step was to create a port with FreeBSD rcmds, here we > >> > >> are! But I need some eyes to vet it: > >> > >> https://reviews.freebsd.org/D11345 > >> > > > >> > > The port has been submitted and RCMDS are disabled by default from the > >> > > base system. > >> > > > >> > > See you in a month for the removal! > > > > > > NO ! It's maddening, code vandals periodicaly wanting to delete working code > > & pontificating what others globaly should be denied, & forced to do & not do. > > > > One example why FreeBSD should not delete rlogin & telnet etc > > 3 days ago, a host with broken sshd (bad shared libs version > > number), was rescued by ssh to trusted parent host, then rlogin > > from that parent host to underlying jail. > > > > 3rd party code vandals are Not fit to decide what code should be > > denied globaly in other peoples' environments. By all means leave off by > > default in /etc/inetd.conf as now, but do Not Vandal Delete ! > > > > BSD is not Microsoft replete with masses of clueless users. BSD > > includes skilled users who may wish to make their own risk assessments, > > without interference. > > I know I shouldn't be replying to this message but I will do it > nonetheless, once and for all. > > You can install net/bsdrcmds and be happy again. I've even modified > inetd.conf(5) to use the path of the port's binary. You added yet another wrong assumption that ports must live in /usr/local to the base system, something that was irradicated 20 years ago and has slowly crept back in over the decades. > > This was announced and approved. Disabling it from inetd.conf(5) > wouldn't have solved the setuid issue. I suggest you re-read the > original email explaining the proposal: > https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html > > It surely displeases a small percentage of users but this reduces the > attack surface for 100% of them. Additionally, it reduces the FreeBSD > project maintenance cost > > -- Jeremie > > > > > > > Cheers, > > Julian > > -- > > Julian H. Stacey, Computer Consultant, BSD Linux Unix Systems Engineer, Munich > > Reply below, Prefix '> '. Plain text, No .doc, base64, HTML, quoted-printable. > > http://berklix.eu/brexit/ UK stole 3,500,000 votes; 700,000 from Brits in EU. > > _______________________________________________ > > freebsd-arch@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-arch > > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > > > -- > Jeremie Le Hen > jlh@FreeBSD.org > _______________________________________________ > freebsd-arch@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > -- Rod Grimes rgrimes@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710091632.v99GWaUK078853>