[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFR] fex package



Justin B Rye ha scritto:
> I've just noticed that your post to mentors:
> http://lists.debian.org/debian-mentors/2008/11/msg00056.html
> had some useful extra context.
> 
> Giuseppe Iuculano wrote:
>> It uses inetd, and (debian) default installation takes over port 8080. User can
>> change it editing /etc/services
> 
> Running out of inetd is sufficiently unusual that it might well be
> worth hinting at in the package description, so that users don't
> expect a freshly-installed F*EX server to be visibly "running".
> 
> (Wait, editing /etc/services?  /etc/services says 8080 is
> "webcache"; does fex mess around with that?  Oh well, I'm wandering
> miles out of debian-l10n-english's jurisdiction.)

At the end of /etc/services we have a # Local services section, and this is the
right place to define fex port. For example after a default (debian package)
installation you will have:
# Local services
fexsrv          8080/tcp                        #F*EX

Other package makes the same job, you can investigate it with:
apt-cache rdepends openbsd-inetd

>>> Why not just mail the file?  Or up/download it via FTP?  These
>>> methods may have disadvantages, but none of them intrinsically limit 
>>> the file size, so I don't understand why F*EX is advertised so
>>> heavily on this basis.
>> Email isn't conceived for file transfer.
>> Do you think that sending an email with
>> a 100MB file size attachment is a good idea?
> 
> If the only machine I control is a home PC connected to the Internet
> by a dialup modem, it's quite possible that the _best_ solution is
> to compress the file with rzip, chop it up and send the bits via a
> series of e-mails.

Yes, this is a possible solution.

>> FTP should make its job, but I must
>> create/delete account for every file, or create an anonymous FTP account.
> 
> No, I just set up anonymous FTP and make it read-only.  Even easier,
> "apt-get install apache2" and chuck the file in the webroot.  That's
> assuming I've got root access on a well-networked server, of course.
> 

This doesn't provide the same privacy options than an unencrypted email,
anonymous-FTP = file-world-readable . You need some extra tuning.


>> Vincent Bernat wrote:
>>
>>> This kind of service is really  useful for users that keep sending large
>>> piece of data through mail servers  and then complain that this does not
>>> work. They  need an  easy service allowing  to send large  files without
>>> learning something new  (like a FTP client), which is  almost as fast as
>>> attaching a document  to an email and provides  the same privacy options
>>> than  an unencrypted  email (so,  uploading to  a shared  FTP is  not an
>>> option, unless  you excessively tune  the FTP server).   Otherwise, they
>>> will just keep sending files via mail.
> 
> Yes, so F*EX has advantages in terms of organising a particular
> *workflow* that makes life easier for admins with many (perhaps
> widely dispersed) non-technical users.  That's its selling point, so
> it needs to be clear from the description.

Oh, yes, this is the real purpose

>>> I see no explanation in /usr/share/doc/fex/SSL - only a shell
>>> fragment with undeclared dependencies on openssl and xinetd (as
>>> opposed to openbsd-inetd, which _is_ in the package dependencies).
>> Right, upstream recommends xinetd and that doc uses it
> 
> It's not documentation, it's a script that won't work.  SSL is
> possible, but it'll take some effort to set up.

You are right.

> But isn't e-mail our benchmark _wrong_ solution?  And in fact it
> seems to me that files sent via F*EX are slightly less secure than
> ones sent via gmail against some privacy dangers - for instance, the
> danger that the _admin_ might not be trustworthy.
> 

Welcome to the Internet :) Do you know with *absolute certainty* that a gmail
admin can't read your email?



> I don't need to.  They tell me what file they're talking about, and
> I put it on the webserver.  F*EX is for situations where that
> workflow isn't adequate.

This is true if you have 1 < users < 20 , when you have a lot of user/customer
you can't.


> 
> After all this moaning the least I should do is suggest an
> alternative first paragraph:
> 
>  Description: web service for transferring very large files         
>   F*EX (Frams's Fast File EXchange) is a service that can be used to
>   allow users anywhere on the Internet to exchange very large files
>   quickly and conveniently.
> 

Thanks.


Giuseppe.

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: