Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 9 Oct 2017 09:32:36 -0700 (PDT)
From:      "Rodney W. Grimes" <freebsd-rwg@pdx.rh.CN85.dnsmgr.net>
To:        Jeremie Le Hen <jlh@freebsd.org>
Cc:        "Julian H. Stacey" <jhs@berklix.com>, freebsd-arch@freebsd.org
Subject:   Re: rtools were deemed almost unused 15 years ago...
Message-ID:  <201710091632.v99GWaUK078853@pdx.rh.CN85.dnsmgr.net>
In-Reply-To: <CAGSa5y2Rt_CZW0xQktmoS01zDG65OaveLp%2Bn9tenXJQA4LfSYA@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, Oct 4, 2017 at 12:35 PM, Julian H. Stacey <jhs@berklix.com> wrote:
> >> Have you picked up the recent changes to the code in your port?
> >>
> >> ----- Jeremie Le Hen's Original Message -----
> >> > I've slacked a bit but here we are:
> >> > https://reviews.freebsd.org/D12573
> >> >=20
> >> > On Sat, Jul 1, 2017 at 12:08 PM, Jeremie Le Hen <jlh@freebsd.org> wrote:
> >> > > On Sat, Jun 24, 2017 at 10:29 PM, Jeremie Le Hen <jlh@freebsd.org> wrot=
> >> e:
> >> > >> So the first step was to create a port with FreeBSD rcmds, here we
> >> > >> are!  But I need some eyes to vet it:
> >> > >> https://reviews.freebsd.org/D11345
> >> > >
> >> > > The port has been submitted and RCMDS are disabled by default from the
> >> > > base system.
> >> > >
> >> > > See you in a month for the removal!
> >
> >
> > NO ! It's maddening, code vandals periodicaly wanting to delete working code
> > & pontificating what others globaly should be denied, & forced to do & not do.
> >
> > One example why FreeBSD should not delete rlogin & telnet etc
> >   3 days ago, a host with broken sshd (bad shared libs version
> >   number), was rescued by ssh to trusted parent host, then rlogin
> >   from that parent host to underlying jail.
> >
> > 3rd party code vandals are Not fit to decide what code should be
> > denied globaly in other peoples' environments. By all means leave off by
> > default in /etc/inetd.conf as now, but do Not Vandal Delete !
> >
> > BSD is not Microsoft replete with masses of clueless users.  BSD
> > includes skilled users who may wish to make their own risk assessments,
> > without interference.
> 
> I know I shouldn't be replying to this message but I will do it
> nonetheless, once and for all.
> 
> You can install net/bsdrcmds and be happy again.  I've even modified
> inetd.conf(5) to use the path of the port's binary.

You added yet another wrong assumption that ports must live in
/usr/local to the base system, something that was irradicated
20 years ago and has slowly crept back in over the decades.

> 
> This was announced and approved. Disabling it from inetd.conf(5)
> wouldn't have solved the setuid issue. I suggest you re-read the
> original email explaining the proposal:
> https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html
> 
> It surely displeases a small percentage of users but this reduces the
> attack surface for 100% of them.  Additionally, it reduces the FreeBSD
> project maintenance cost
> 
> -- Jeremie
> 
> >
> >
> > Cheers,
> > Julian
> > --
> > Julian H. Stacey, Computer Consultant, BSD Linux Unix Systems Engineer, Munich
> >  Reply below, Prefix '> '. Plain text, No .doc, base64, HTML, quoted-printable.
> >  http://berklix.eu/brexit/ UK stole 3,500,000 votes; 700,000 from Brits in EU.
> > _______________________________________________
> > freebsd-arch@freebsd.org mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-arch
> > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"
> 
> 
> 
> -- 
> Jeremie Le Hen
> jlh@FreeBSD.org
> _______________________________________________
> freebsd-arch@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-arch
> To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"
> 

-- 
Rod Grimes                                                 rgrimes@freebsd.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710091632.v99GWaUK078853>