Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 17 Sep 2020 08:19:29 -0700
From:      Maxim Sobolev <sobomax@freebsd.org>
To:        Cy Schubert <Cy.Schubert@cschubert.com>
Cc:        Ed Maste <emaste@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org>
Subject:   Re: Deprecating ftpd in the FreeBSD base system?
Message-ID:  <CAH7qZfu6UjA_Vaebsv4D6SDqzEGCKyUPFV2qoqo7ks95328tAw@mail.gmail.com>
In-Reply-To: <202009171404.08HE4fZj007939@slippy.cwsent.com>
References:  <CAPyFy2BHki84KuzP94AqTLk7v9FTAnLP-sa4HaFLq0kdxt0dEQ@mail.gmail.com> <202009171404.08HE4fZj007939@slippy.cwsent.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Re: removing HTTP client please no!!! The current drive to "outlaw" HTTP
coming from companies who see all world via web browser. Totally ignoring
the fact that HTTP != HTTPS in particular in cases where reliability and
lower complexity of the system takes precedence over on-the-wire protocol
security. For example, many internal APIs of AWS EC2 are HTTP.

-Max

On Thu., Sep. 17, 2020, 7:04 a.m. Cy Schubert, <Cy.Schubert@cschubert.com>
wrote:

> In message
> <CAPyFy2BHki84KuzP94AqTLk7v9FTAnLP-sa4HaFLq0kdxt0dEQ@mail.gmail.c
> om>
> , Ed Maste writes:
> > FTP is (becoming?) a legacy protocol, and I think it may be time to
> > remove the ftp server from the FreeBSD base system - with the recent
> > security advisory for ftpd serving as a reminder.
> >
> > I've proposed adding a deprecation notice to the man page in
> > https://reviews.freebsd.org/D26447 to start this off. There are a
> > number of ftp servers in ports, and if we're going to remove the base
> > system one we can create a port for it first, as well.
> >
> > Any comments or concerns, please follow up in the code review or in
> email her
> > e.
>
> We should also deprecate the FTP client.
>
> I've been advocating removing FTP (and HTTP) from libfetch as well. People
> should be using HTTPS only. (libfetch could support a plugin that might be
> supplied by a port should someone be inclined to write one.)
>
> FTP is firewall unfriendly.
>
> The F5 gateway at $JOB does not support FTP. When we still worked at the
> office I had to take my $JOB laptop to the coffee shop to use their
> wireless to download patches from Broadcom's FTP site. Now that I WFH (we
> won't ever go back to the office) I download while disconnected from the
> VPN.
>
> Then move the removed bits to ports, which I think we already have in
> tnftp
> and tnftpd.
>
>
> --
> Cheers,
> Cy Schubert <Cy.Schubert@cschubert.com>
> FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  https://FreeBSD.org
> NTP:           <cy@nwtime.org>    Web:  https://nwtime.org
>
>         The need of the many outweighs the greed of the few.
>
>
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
>
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAH7qZfu6UjA_Vaebsv4D6SDqzEGCKyUPFV2qoqo7ks95328tAw>