Deprecating base system ftpd?
Ruben van Staveren
ruben at verweg.com
Mon Apr 5 12:10:26 UTC 2021
> On 3 Apr 2021, at 22:39, Ed Maste <emaste at freebsd.org> wrote:
>
> I propose deprecating the ftpd currently included in the base system
> before FreeBSD 14, and opened review D26447
> (https://reviews.freebsd.org/D26447) to add a notice to the man page.
> I had originally planned to try to do this before 13.0, but it dropped
> off my list. FTP is not nearly as relevant now as it once was, and it
> had a security vulnerability that secteam had to address.
>
> I'm happy to make a port for it if anyone needs it. Comments?
Make it a port
It is time to deprecate ftp altogether, and any other protocols that embed protocol information in layer 7, thus hurting any #IPv6 migration and deployment technology (SIIT-DC e.g).
Hopefully the IETF can put up a deprecation notice, just as was done for e.g. TLS 1.0.
Then we move onward to the self regulating capacity of the community, warning each other on “you have ftp” running.
ftp, a protocol not using TLS protection but by adding it a netadmin needs to manage the port range in their firewalls too because clients behind nat can’t use passive mode with TLS as NAT can’t map things around ¯\_(ツ)_/¯
It is not worth the time and the hassle. Keep FTP(s) for legacy and internal, serve anyone else with https
Best Regards,
Ruben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20210405/11f979b8/attachment.sig>
More information about the freebsd-stable
mailing list