Re: Proposal: remove krb5-appl (rlogin, rsh, telnet, ftp with krb5 support)

On Sat, Jan 25, 2014 at 7:13 PM, Moritz Mühlenhoff <jmm@inutil.org> wrote:
> Brian May <brian@microcomaustralia.com.au> wrote:
>> On 24 January 2014 04:14, Jelmer Vernooij <jelmer@samba.org> wrote:
>>> > My proposal is to drop the package from the archive, but I wanted to
>>> > give others a chance to shout out that I'm wrong and that there's some
>>> > compelling use-case I've missed.
>>> > If someone can convince me that the packages are useful I'm happy to
>>> > spend some effort on them.
>>> > However, I don't think that's the case.
>>> FWIW we are currently having the same discussion for the Heimdal packages.
>> http://thread.gmane.org/gmane.comp.encryption.kerberos.heimdal.general/7608
>> I think these old binaries could make the entire source package and all
>> binary packages it builds look bad, if for example somebody discovers a
>> serious security issue. Which is very possible, as I don't think anyone is
>> really interested in the source code any more.
> I agree with the removal. http://www.debian.org/security/2011/dsa-2375 was
> already a sufficiently unpleasant Christmas present (exploit was posted on
> 24th December)

I agree with the removal. Debian should really make itself obsolete by
removing any option to do fast and secure enterprise login. ssh is the
way to go for all, since all deserve slow and messy login performance.

Now seriously... think about it: Is it *wise* to remove these utilities?

Sebastian Feld - IT security expert
