Deprecating base system ftpd?

Thu Apr 8 16:05:22 UTC 2021

On 2021-04-07 23:27, aventador at fastmail.fm wrote:
> I think folks have different definitions of what an operating system should 
> be.
Agreed.
> 
> An Operating System (OS) is an interface between a computer user and 
> computer
> hardware. An operating system is a software which performs all the basic 
> tasks
> like file management, memory management, process management, handling input 
> and
> output, and controlling peripheral devices such as disk drives and printers.
> 
> If you add or take away from the above definition, then there is your 
> misunderstanding.
IMHO many refer to Linux as an Operating System. When in fact it is a Kernel. 
Which
is also what you describe above.
OTOH, UNIX as an OS has a defined set of commands available, as well as 
servers to
facilitate running a fully installed server. Which is what I believe he was
referring to.

At this point I think this thread is becoming tiresome. ;-)

--Chris
> 
> Best Regards,
> Vic Thacker
> 
> 
> On Wed, Apr 7, 2021, at 21:17, tech-lists wrote:
>> Hi, I'm a bit late to the discussion
>> 
>> On Mon, Apr 05, 2021 at 07:44:59AM -0700, Cy Schubert wrote:
>> 
>> >I think this is an excellent start. My shopping list includes:
>> >
>> >- remove ftp(1)
>> >- remove ftpd(8)
>> >- remove telnet(1)
>> >- remove telnetd(8)
>> >- remove ftp:// and http:// from libfetch. This is 2021 and we should all
>> >use https://.
>> >- replace DNS lookups with DoH and/or DoT. Why let your ISP see your DNS
>> >traffic?
>> 
>> Very firmly against this, and this sort of thing, for the following 
>> reasons:
>> 
>> 1. I want an OS, not a kernel. If I just want a kernel, then why not go
>> with linux? FreeBSD is meant to be, I think, (generally), a server OS.
>> So, would you agree that it needs the ability to have server protocols
>> easily configured, with a minimum of fuss, without packages?
>> 
>> 2. a lot of infrastructure depends on ftpd. it's easy to configure
>> securely ftpd in base.
>> 
>> 3. there are some networks, like internal ones, where encryption is not
>> a requirement, or appropriate.
>> 
>> 4. there are some places where encryption is in fact illegal.
>> 
>> >Personally, I'd suggest we remove the ftpd server *AND* ftp client and rely
>> >on ports. Having worked on UNIX, Internet security, and firewalls over the
>> >last 3/5 of my almost 50 year career, I have lamented the existence of the
>> >FTP protocol back in 1995 and I hate the FTP protocol with greater a
>> >passion today. Let's simply remove all vestiges of FTP from the base
>> >system, including libfetch, sooner than later. We don't need it now that we
>> >have HTTPS and POST; and sftp.
>> 
>> 5. some services commonly don't use https. Lots of internet radio
>> stations don't. If https is enforced then the user will have to jump
>> through more hoops than they already do in order to, in this case,
>> listen to internet radio. Or face a loss of functionality.
>> 
>> 6. not everywhere will have constant internet access. Not everyone will
>> want to use pkgs or have space for the ports tree.
>> 
>> >I think we should make it our goal to remove any and all unencrypted
>> >protocols from FreeBSD by 2025.
>> 
>> I think you should carefully think of the consequences of removing
>> functionality in the default install. It will make it less useful, not
>> more.
>> --
>> J.
>> 
>> Attachments:
>> * signature.asc
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"