Slashdot Mirror
r* Programs Being Removed from OpenBSD -current
moonboy writes: "This post over at OpenBSD Journal tells of the r* programs (rsh, rlogin, rcopy, etc) being removed from the -current tree. Can Telnet and FTP be far behind? I say good riddance."
← Back to Stories (view on slashdot.org)
Removing redundant, unnecessary, and potentially dangerous programs from the distro is a really good idea.
Creating the symlinks just adds complexity to a system that doesn't need it.
I have been pwned because my
hmm, im not very familier with bsd and darwin developments, but i wonder if apple will follow suit.
i just checked my 10.2.4 and it has rlogin, and perl. Perl is quite usefull, but i agree it shouldnt be part of a default install. the rtools are a big risk, and rightly should be gotten rid of. with ssh and secure versions of most of these r tools, there existance is moot.
Apple prides itself on the power of unix, simplicity of a mac, and i think it works great. (havent touched my pc in weeks) but i question if a desktop os really needs the rtools.
I believe something has eluded the 'BSD is dying crowd' and the 'Perl is winbest' crowd.
:D
For starters, BSD is not dying in my eyes. Linux is great, I love it, but it is seriously bloated. 'But seraphim,' you say, 'you are a fag man for thinking these thingz.' I have recently bought SuSE 8.0 Pro. It is terribly bloated. Its really good for a desktop machine, but for a down and dirty linux box, its just not there. I have also used Redhat 7.0-7.2. They are extremely bloated as well. Not quite to the M$ extreme, but still dangerous. Slackware is the only linux I have used that gets me feeling that I am involved in the console and that its working with me, rather than me forcing it to do things. BSD is a down and dirty OS. Its great for just digging your teeth in and tearing into. It is not your fancy pants linux distro or desktop GUI OS (i leave that up to my new iMac
And on the issue of Perl. Perl is not being taken out of FreeBSD. It has not been rebuked by the FreeBSD staff and shunned to the 9th circle of hell. It is, however, not included into the base install. Saving, around 40mb, i believe. Now you say 'You silly fagtrot, thats not that much.' Well, yes and no. Yes it isnt a lot when you are running BSD on a AMD 2100XP with a 80g hard drive. I , however, run my BSD on a 486 with a 800mb hard drive. Space is key to me. If i want to install perl, i simply say, 'Hey there BSD, install me some perl.' Otherwise i dont really need it.
Hopefully this will clear some things up.
But he was unmoved, and cried: "If I am mad, it is mercy! May the gods pity the man who in his callousness can remain sa
At first when I read this I was a little against it, now that I thought about it I am all for it, too many people just leave services open and get hacked. So the less that is loaded the less that can be hacked.
If you want FTP, download the latest version of ProFTPd or Wu-FTPd and load those, same with Apache.
As a BSD'er with +49 Karma, I think I can field this question.
o rums.org/. com/
Why post comments on Slashdot's BSD section? Slashdot is a terrible news distribution system, and even worse is the BSD section which is almost completely ignored by the admins.
The point? There are plenty of other BSD sites to discuss these things on.
http://Deadly.org for OpenBSD specific stuff.
http://BSDToday.com for more general BSD stuff.
http://www.daemonnews.org/
http://www.maximumbsd.com/
http://www.freebsdf
http://bsdvault.net/
http://bsdatwork
http://www.bsdfreaks.nl/
And even more, lesser known sites. So my question is, why worry about the slashdot / bsd site which only gets a new bit of info every couple of weeks? There are plenty of better options which have news, tutorials, tips, etc. for those interested in BSD.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
I doubt anyone smart enough to install and run OpenBSD is going to be stupid enough to run the r suite of utilities.
But I have to pause in remembrance, because, after all, they are the Berkeley r-suite.
I used them for many years, alongside telnet and ftp, back in the 1980's when 4.2BSD was distributed with my computer. Anyone remember doing tilde escapes to pop back to the local machine?
Even though their security model is insufficient in this present day and age, they really helped to pave the way in showing how remote computers could be accessed in a convenient and powerful way.
It's fitting that a BSD will be the first to retire this venerable set of programs.
R.I.P., r-suite.
"Provided by the management for your protection."
It's about time.
I'm an OpenBSD user, and a Perl advocate. I love Perl, but not everyone does. Not everyone needs it, just like not everyone needs Python or tcl/tk.
OpenBSD is the closest thing I've seen to an operating system in a long time. When I install an OS, I want to chose what to turn on, not hope I turned off everything I didn't need. I want to know dozens of eyes have done their best to be sure the OS is secure.
The ports collection is far better than any package management tool I've used (Sun pkgadd, Linux RPM). Not only is it good, but OpenBSD's is the best of any BSD I've used (Free and Net) because it's clean. There is only a tiny chance a port you try and build won't work (::leering at FreeBSD::) and it's so easy that I don't mind doing a make;make install to get Perl.
All that said, Theo's recent rant about r* utils makes perfect sense. Get rid of it!
And while we're at it, toss telnet out with the bathwater. Anyone who isn't using ssh to connect to a remote machine is *begging* to get owned. The only way some people are going to use secure tools is if we force them to. I know at work until I turn telnet off people will use that over ssh because it's familiar, because they don't want to upgrade the 100 year old version of QVTTerm they have.
As for FTP - don't let the door hit you in the ass on the way out. I've been using scp for so long I get physically ill when I see this:
ftp>
Yeah it works, but it's a gaping hole. If people want it, fine, but build the daemon you want from the ports collection. The idea of inetd housing all these "critical" services is just an invite to get owned.
I'm not a huge security nut (my boss won't use a grocery store card because his "marketing data is worth more than what they give me"), but in the battle for securie systems, we are losing! Servers here at work are breeding like rabbits, and everyone is not as savy as you and I. We need to do whatever we can to nudge them in the right direction, not just for their own sake, but for everyones sake.
"All I ever wanted was to see Larry Wall give Bill Gates a Perl necklace."
http://www.eisenschmidt.org/jweisen
I use telnet more often than I use ssh.
Ssh - I use for connecting to other machines.
Telnet - I use for testing webservers, mail servers, news servers, testing whether ssh servers are alive and what version they're running, etc etc.
Just because the telnet DAEMON is undesirable doesn't mean the client is so too.
Slashdot? Oh, I just read it for the articles.
...that they remove "rm" last.
Liberty uber alles.