From nobody Wed Dec 18 03:10:46 2024
X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YCdwl57gJz5gf7l
	for <freebsd-arch@mlmmj.nyi.freebsd.org>; Wed, 18 Dec 2024 03:10:47 +0000 (UTC)
	(envelope-from kevans@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4YCdwl4ZNFz4Gf0
	for <freebsd-arch@freebsd.org>; Wed, 18 Dec 2024 03:10:47 +0000 (UTC)
	(envelope-from kevans@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1734491447;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=l+FjkqM27kBYKFIJwK2K2XEX8DAp8TxHgRmVKwxfktk=;
	b=l29r7Z89q63FxkdZJjSNELDG8kp1ovM4QrPSITbHZScEiEcjPQAAx1yOilgWoZ8W3Y4HIx
	YAa4TwMPmKQ/Dx9ttUMGqgu8ItuGHMJPzyiSenW36Eg4Ex5qaTRZU/JJ3dbV4z6UzB939L
	OOZQAf7XnRXGZ1i8Lz7VC+1NpZsVH0OGzS4iF8Vco+LVwJf25oMj4l+ThdwSoHecdsnvSH
	VAbjPH8pRobIg6APhzJ3/cBECK4rHP6C8K5PJpl9dtbzRSfsD0nDZ34PQoRkuC9xKwijP/
	40HWlNmdg0ufCmHm9eCCJaNuTRvRLYMCiAGMg3hoFFeCBCgXv8dRZrP/fxOAog==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1734491447;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=l+FjkqM27kBYKFIJwK2K2XEX8DAp8TxHgRmVKwxfktk=;
	b=cgivbqi6EAayZbN5LfRCo2qLGNAEyFhrA+ikMleQazOfnjGmHpz+khoHjmKCBrLaLzQGdC
	x6r0B1fpTlGG3ZM7vZTFgJOtO6m291WF/ibtrK7nJdYAQ1lIjdlrdDlr5unupSelt9OLQ9
	BwQRtg7eP03TIIQNX+zjX4UsBGvwc1+ct+OwAvtXdujVp4/X9LyIfogGDXgCQmuniiJQbl
	bwObURwI4Qcj8CArWbUn0zj7z0FKN6n0x5hSzuE2Xbb/GocR2kbxTUI6L/QNeqxzNEW5cR
	nYl/48q63uAVQfcXXao6qTnMDCYei0fY9SbmzxL5nbbIPnv76tHtZpl82CMX4A==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1734491447; a=rsa-sha256; cv=none;
	b=AMboIpw+UWlDzbzja/XLmImt7GPw5VDixxZjNqUGtWXbefpCngJyar/EHCv4pqVsaPMUEV
	mMn4wYCCct3wxleC74IoM2OqLC0SdCHeRpUgraYhHQhCYpUd20dr4J6PFwBdQ4NiCN6o4K
	2WOIODNrjrBL9pRR4yifLUWRyWK6S+hmBibMiBCHlEkO5/e6N9L9nlVEBgsiiLQQH2owva
	Gy1J0+6U8c1ulVRs0IwaEZOrazoLToF60r4E0oPuGeKDt4bwfFFPZhwGCDtZwRJC49mYqm
	9lourTIA8CnTNusAwfRzT+AxP112FBjx03BQ4NSR8bKep6o6844MZ/cZzwDU6A==
Received: from [10.9.4.95] (unknown [209.182.120.176])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: kevans/mail)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4YCdwl1slrz10Hq
	for <freebsd-arch@freebsd.org>; Wed, 18 Dec 2024 03:10:47 +0000 (UTC)
	(envelope-from kevans@FreeBSD.org)
Message-ID: <395c1241-b331-4d9a-90d8-0144ee6241bc@FreeBSD.org>
Date: Tue, 17 Dec 2024 21:10:46 -0600
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-arch
List-Help: <mailto:freebsd-arch+help@freebsd.org>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Subscribe: <mailto:freebsd-arch+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-arch+unsubscribe@freebsd.org>
Sender: owner-freebsd-arch@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: Removing shar(1)
To: freebsd-arch@freebsd.org
References: <0d63a94d-2773-4efd-b789-0b753ab38b91@FreeBSD.org>
 <Z2I4eAmzbf1agqhh@hemlock.eden.le-fay.org>
Content-Language: en-US
From: Kyle Evans <kevans@FreeBSD.org>
In-Reply-To: <Z2I4eAmzbf1agqhh@hemlock.eden.le-fay.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

On 12/17/24 20:50, מרים wrote:
> Kyle Evans:
>> I was reminded the other day that shar(1) exists, though it's use is no
>> longer recommended in ports.  The same functionality can be found in tar(1)
>> instead, so I think we should deorbit /usr/bin/shar and stop promoting it
>> entirely.
> 
> for whatever it's worth (probably not much) i strongly disagree.
> shar(1) has been around for ages and it does no harm to keep it.
> 

We're not doing our users any favors by promoting it as a first-class 
citizen like this.  There are much safer/better archive alternatives 
that are still almost universally available, we really should be looking 
for a higher bar than "it has been around for ages" to retain it.

>>   It is easy to insert trojan horses into shar files.
> 
> half the software on the Internet nowadays tells people to do "curl |
> bash" and we don't advocate for removing fetch(1) or sh(1).

We don't, and we certainly don't advocate for our users to do such silly 
things. (See the explicit reference to that exact construct in the 
original e-mail)

Thanks,

Kyle Evans