Deprecating base system ftpd?

Eugene Grosbein eugen at grosbein.net
Tue Apr 6 10:15:50 UTC 2021


06.04.2021 1:27, Roger Leigh wrote:

>>> I propose deprecating the ftpd currently included in the base system
>>> before FreeBSD 14, and opened review D26447
>>> (https://reviews.freebsd.org/D26447) to add a notice to the man page.
>>> I had originally planned to try to do this before 13.0, but it dropped
>>> off my list. FTP is not nearly as relevant now as it once was, and it
>>> had a security vulnerability that secteam had to address.
>>>
>>> I'm happy to make a port for it if anyone needs it. Comments?
>>
>> I'm strongly against remove of stock ftpd. FTP is fastest protocol for both testing
>> and daily file transfer for trusted isolated segments, and even for WAN wrapped in IPSec.
>>
>> Our stock ftpd has very short backlog of security issues comparing with other FTP server implementations,
>> mostly linked with libc or other libraries and not with ftpd code itself.
>>
>> Please don't fix what ain't broken. Please.
> 
> How would you draw the line between something that must be part of the base system vs. something
> that would be better off as part of the ports tree?  What bar should ftpd have to meet to warrant remaining in base vs moving to ports?

POLA at least.

> Personally, I’ve never enabled it nor had any desire to.  FTP is, at this point in time, thoroughly obsolescent,

Because someone told us so? 

> and I cannot imagine that it is something that most people enable, if they are even aware of its existence.
> Why can’t it simply be installed from the ports for the occasional user who still requires it?

This is one of services that should be available even if distfiles/packages are not reachable.
You know, sshd used to be in ports too.

> Can I ask, for those who do enable it, why isn’t “sftp” acceptable (or “scp”)?

sftp is not compatible with FTP clients and FTP is faster, basically it is plain TCP socket for data transfer.



More information about the freebsd-stable mailing list