From owner-freebsd-arch@freebsd.org Mon Oct 9 16:32:51 2017 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 45A03E3596C for ; Mon, 9 Oct 2017 16:32:51 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7A81467771; Mon, 9 Oct 2017 16:32:49 +0000 (UTC) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id v99GWbcd078854; Mon, 9 Oct 2017 09:32:37 -0700 (PDT) (envelope-from freebsd-rwg@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd-rwg@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id v99GWaUK078853; Mon, 9 Oct 2017 09:32:36 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201710091632.v99GWaUK078853@pdx.rh.CN85.dnsmgr.net> Subject: Re: rtools were deemed almost unused 15 years ago... In-Reply-To: To: Jeremie Le Hen Date: Mon, 9 Oct 2017 09:32:36 -0700 (PDT) CC: "Julian H. Stacey" , freebsd-arch@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Oct 2017 16:32:51 -0000 > On Wed, Oct 4, 2017 at 12:35 PM, Julian H. Stacey wrote: > >> Have you picked up the recent changes to the code in your port? > >> > >> ----- Jeremie Le Hen's Original Message ----- > >> > I've slacked a bit but here we are: > >> > https://reviews.freebsd.org/D12573 > >> >=20 > >> > On Sat, Jul 1, 2017 at 12:08 PM, Jeremie Le Hen wrote: > >> > > On Sat, Jun 24, 2017 at 10:29 PM, Jeremie Le Hen wrot= > >> e: > >> > >> So the first step was to create a port with FreeBSD rcmds, here we > >> > >> are! But I need some eyes to vet it: > >> > >> https://reviews.freebsd.org/D11345 > >> > > > >> > > The port has been submitted and RCMDS are disabled by default from the > >> > > base system. > >> > > > >> > > See you in a month for the removal! > > > > > > NO ! It's maddening, code vandals periodicaly wanting to delete working code > > & pontificating what others globaly should be denied, & forced to do & not do. > > > > One example why FreeBSD should not delete rlogin & telnet etc > > 3 days ago, a host with broken sshd (bad shared libs version > > number), was rescued by ssh to trusted parent host, then rlogin > > from that parent host to underlying jail. > > > > 3rd party code vandals are Not fit to decide what code should be > > denied globaly in other peoples' environments. By all means leave off by > > default in /etc/inetd.conf as now, but do Not Vandal Delete ! > > > > BSD is not Microsoft replete with masses of clueless users. BSD > > includes skilled users who may wish to make their own risk assessments, > > without interference. > > I know I shouldn't be replying to this message but I will do it > nonetheless, once and for all. > > You can install net/bsdrcmds and be happy again. I've even modified > inetd.conf(5) to use the path of the port's binary. You added yet another wrong assumption that ports must live in /usr/local to the base system, something that was irradicated 20 years ago and has slowly crept back in over the decades. > > This was announced and approved. Disabling it from inetd.conf(5) > wouldn't have solved the setuid issue. I suggest you re-read the > original email explaining the proposal: > https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html > > It surely displeases a small percentage of users but this reduces the > attack surface for 100% of them. Additionally, it reduces the FreeBSD > project maintenance cost > > -- Jeremie > > > > > > > Cheers, > > Julian > > -- > > Julian H. Stacey, Computer Consultant, BSD Linux Unix Systems Engineer, Munich > > Reply below, Prefix '> '. Plain text, No .doc, base64, HTML, quoted-printable. > > http://berklix.eu/brexit/ UK stole 3,500,000 votes; 700,000 from Brits in EU. > > _______________________________________________ > > freebsd-arch@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-arch > > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > > > -- > Jeremie Le Hen > jlh@FreeBSD.org > _______________________________________________ > freebsd-arch@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > -- Rod Grimes rgrimes@freebsd.org