[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#323855: ITP: opencvs -- OpenBSD CVS implementation with special emphasis in security

Stefan Hornburg <deblists@linuxia.de> writes:
> Russ Allbery <rra@stanford.edu> wrote:

>> I don't think "it's not a good revision control system" is a good
>> reason to refuse the package, for exactly the same reason that Debian
>> still packages a telnet client even though everyone really should be
>> using SSH.  Switching to Subversion requires more than individual
>> action on the part of one person, and therefore isn't always possible
>> even if it's a good idea.

> There is a really good reason to have telnet *client* on board, and that
> is accessing IMAP / SMTP etc. servers for testing purposes.

You don't need a *telnet* client for that, just something like netcat.
telnet doesn't actually speak the telnet protocol to ports other than the
telnet port.  But yeah, that wasn't a great example.  :)

A better example would be that Debian packages traditional rsh and rlogin
clients, which are far more obsolete than CVS is but which some sites
still need for interoperability with legacy systems and configurations.
Or just the example of RCS, which is probably the most to point.  Or
uuencode (shouldn't everyone use base64?), or sharutils (shouldn't
everyone use tar?), or....

There are good reasons to keep shipping implementations of software that
some people consider obsolete.  The technology world sometimes doesn't
move as fast as we would all like, and sometimes there are good reasons to
keep using an older method (if for no other reason than that it works and
there's no good reason, in that particular case, to change).

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

Reply to: