Bug#81118: base: Wishlist: High security base system (or separate add-on package)
Anthony Towns wrote:
> Oh, and for reference, portmap hasn't has a security update forever
> while I've been maintaining it. Heck, there don't seem to have been any
> changes to portmap since 1997. But hey, feel free to make the traditional
> baseless accusations of insecurity, whatever.
If it is a daemon that binds to a port, and it doesn't have "secure" in its
name or "encryption" in its description, it's gotta be insecure.
(Or at least some people seem to think so; ignoring all the clients
which they don't realize _also_ bind to ports; ignoring the propensity
of programs that have "secure" in their name to be anything but;
ignoring how hard encryption is to get right; and ignoring much more
risky things like suid binaries, binary-only programs, and typically-buggy
cgi scripts. :-P)
BTW there are secure uses of telnet. telnet to 'kitenet.net' and log in
as 'beer' (no password) for one of them.
see shy jo