Re: Deprecating ftpd in the FreeBSD base system?

From: Maxim Sobolev <sobomax_at_freebsd.org>
Date: Thu, 17 Sep 2020 08:19:29 -0700
Re: removing HTTP client please no!!! The current drive to "outlaw" HTTP
coming from companies who see all world via web browser. Totally ignoring
the fact that HTTP != HTTPS in particular in cases where reliability and
lower complexity of the system takes precedence over on-the-wire protocol
security. For example, many internal APIs of AWS EC2 are HTTP.

-Max

On Thu., Sep. 17, 2020, 7:04 a.m. Cy Schubert, <Cy.Schubert_at_cschubert.com>
wrote:

> In message
> <CAPyFy2BHki84KuzP94AqTLk7v9FTAnLP-sa4HaFLq0kdxt0dEQ_at_mail.gmail.c
> om>
> , Ed Maste writes:
> > FTP is (becoming?) a legacy protocol, and I think it may be time to
> > remove the ftp server from the FreeBSD base system - with the recent
> > security advisory for ftpd serving as a reminder.
> >
> > I've proposed adding a deprecation notice to the man page in
> > https://reviews.freebsd.org/D26447 to start this off. There are a
> > number of ftp servers in ports, and if we're going to remove the base
> > system one we can create a port for it first, as well.
> >
> > Any comments or concerns, please follow up in the code review or in
> email her
> > e.
>
> We should also deprecate the FTP client.
>
> I've been advocating removing FTP (and HTTP) from libfetch as well. People
> should be using HTTPS only. (libfetch could support a plugin that might be
> supplied by a port should someone be inclined to write one.)
>
> FTP is firewall unfriendly.
>
> The F5 gateway at $JOB does not support FTP. When we still worked at the
> office I had to take my $JOB laptop to the coffee shop to use their
> wireless to download patches from Broadcom's FTP site. Now that I WFH (we
> won't ever go back to the office) I download while disconnected from the
> VPN.
>
> Then move the removed bits to ports, which I think we already have in
> tnftp
> and tnftpd.
>
>
> --
> Cheers,
> Cy Schubert <Cy.Schubert_at_cschubert.com>
> FreeBSD UNIX:  <cy_at_FreeBSD.org>   Web:  https://FreeBSD.org
> NTP:           <cy_at_nwtime.org>    Web:  https://nwtime.org
>
>         The need of the many outweighs the greed of the few.
>
>
> _______________________________________________
> freebsd-current_at_freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org"
>
>
Received on Thu Sep 17 2020 - 13:19:44 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:25 UTC