Re: lynx: disable old protocols
Thank you Bob and Stuart for the answers. What Bob proposes is a bit cumbersome since it involves remembering the full URL path. Stuart's suggestion really addresses the problem I'm experiencing. I admit there's only a bunch of cases where I haven't had my laptop within me, or no nearby computer with a monitor and a working network connection. Thanks for looking into this. -- Thanks a munch, Ville On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote: Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this. On 19 July 2014 01:36, Bob Beck b...@obtuse.com wrote: ftp -o - http://ftp.openbsd.org/pub/OpenBSD/snapshots/ftplist | some script, or maybe your eyes and pick one. On Fri, Jul 18, 2014 at 4:29 PM, Ville Valkonen weezeld...@gmail.com wrote: On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote: On 2014/07/16 16:00, Jean-Philippe Ouellet wrote: Oh come on... It's not like the URLs are some giant uuid-based madness or something. All the mirrors have the same simple layout. If you install lots of boxes regularly, it doesn't take long to memorize the name of your closest mirror. If you don't install lots of stuff, then just set installpath in your pkg.conf and forget about it. If you choose your mirror from the list in the installer, this is already set automatically in pkg.conf. Hello Stuart, what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Previously I've used lynx to navigate on the project's website and copypaste mirror URL with tmux. Thanks in advance, Ville
Re: lynx: disable old protocols
Hmm.. as often I wondered what I should do. This one is so simple that I had to say it. I came up with ftp http://www.openbsd.org/ftp.html; And then cat the file. It gives a fairly readable list. Then there is only one easy URL to remember. gr Renzo Date: Sun, 20 Jul 2014 11:48:45 +0300 Subject: Re: lynx: disable old protocols From: weezeld...@gmail.com To: b...@obtuse.com CC: tech@openbsd.org; st...@openbsd.org Thank you Bob and Stuart for the answers. What Bob proposes is a bit cumbersome since it involves remembering the full URL path. Stuart's suggestion really addresses the problem I'm experiencing. I admit there's only a bunch of cases where I haven't had my laptop within me, or no nearby computer with a monitor and a working network connection. Thanks for looking into this. -- Thanks a munch, Ville On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote: Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this. On 19 July 2014 01:36, Bob Beck b...@obtuse.com wrote: ftp -o - http://ftp.openbsd.org/pub/OpenBSD/snapshots/ftplist | some script, or maybe your eyes and pick one. On Fri, Jul 18, 2014 at 4:29 PM, Ville Valkonen weezeld...@gmail.com wrote: On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote: On 2014/07/16 16:00, Jean-Philippe Ouellet wrote: Oh come on... It's not like the URLs are some giant uuid-based madness or something. All the mirrors have the same simple layout. If you install lots of boxes regularly, it doesn't take long to memorize the name of your closest mirror. If you don't install lots of stuff, then just set installpath in your pkg.conf and forget about it. If you choose your mirror from the list in the installer, this is already set automatically in pkg.conf. Hello Stuart, what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Previously I've used lynx to navigate on the project's website and copypaste mirror URL with tmux. Thanks in advance, Ville
Re: lynx: disable old protocols
On 2014-07-11 at 8:57:16 Theo de Raadt wrote: Daniel is doing the right thing. Fully loaded lynx can be in the ports tree too, and we can keep track of the download statistics to see both users who download it every year... Dear Theo, Please permit me the distinct pleasure of saving you the trouble of tracking one user, me, a man from Alabama with a sense of humor and a little (not a lot!) common sense to go along with it. I downloaded the port tree and installed lynx yesterday (July 19) with the utmost haste, for I feared that lynx might have just met its untimely end for good in spite of the fanfare and hoopla on the tech list. So I offer my confession in full below, if you care to follow along. (Spoiler: the confession below is only a light-hearted attempt at levity from a simple fellow that doesn't mind having a little fun at his own expense :-) I had unsubscribed from the various lists on July 5 thinking that I needed to unplug a little from the world at large. (I know, I could have just suspended mail for a couple of weeks or so with majordomo.) In the meantime, I was mildly perturbed that my clock was off several hours (funny, there's a faq about that...,) because I had installed a Samsung EVO 840 SSD with OpenBSD exclusively (time is good) and I had to re-install the old drive, because I had a file on either LinuxMint or Windows 8.1 (triple boot with OpenBSD) that I needed for my business. Well, sir, when I put my SSD back in and booted up, the clock is off: 5 hours to be exact. Sure, I can config the kernel with timezone 300 or I can just mentally add 5 hours to the clock every time I look at tmux. Or, better yet, I'll just reinstall from scratch. That's a great idea. I downloaded the July 18 snapshot sets early Saturday morning (19th) and booted up. I ran sysmerge. Some changes. Cool. I usually install the files from sysmerge and vi my little changes manually. Minimal interference with perfection and so forth. I get this annoying beep while in vi, and of course, I know to head right over to /etc/wsconsctl.conf and uncomment keyboard.bell.volume=0. Can't stand the beep (or flashing screen) you know. Guess what? Where's the wsconsctl.conf file? Supposed to be in /etc. I must have a defective installation or something. I say to myself, So fire up lynx and head right on back to OpenBSD.org to check SHA256 sigs. I know it can't be something on OpenBSD's side of the fence. You all know what's coming don't you? I mean, if this ain't funny, I don't know what is! I get ksh: lynx: not found !!! Maybe I didn't type that correctly. So I try it two more times. (hahahahaha, talk about hard-headed Alabama users.) ksh: lynx: not found I just can't believe it. You all are gonna love this. I grab my cell phone and check current.html, but I don't really see anything related to lynx. I then cut over to snapshots, and, Behold!, a brand new batch of sets dated July 19!! That's my ticket for sure...just had a funky snapshot from the 18th. It happens every once in a while. Maybe... I do another FRESH install with the bestest and freshest sets direct from Canada, baby. On the Samsung SSD, this takes mere seconds. I boot up, and, shazam! no lynx. I slowly realize that there's absolutely nothing wrong with my installation, not from the July 18 sets nor from the July 19 sets. I take off to MARC, and in 5 minutes I'm reading this topic lynx: disable old protocols. For a while, things look favorable for lynx to stay in base. I sure hope so, but, hey, lynx ain't here now! My heart's beating faster with every next in thread. Then theo@ steps in: Daniel is doing the right thing. Fully loaded lynx can be in the ports tree too, and we can keep track of the download statistics to see both users who download it every year... Sure, Daniel's doing the right thing. We're just removing crusty old protocols. Surely lynx will stay in base, after all, right?! Theo said fully loaded lynx can be in the ports tree *too*... But what does Theo mean about both users who download it every year? Then this: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? Yes folks, I continued on with my reading, noticing a few others who used lynx regularly, knowing that the worst was to come. I blinked back the tears at the idea of life without lynx. Why, for years, I had thought that OpenBSD's web site was optimized just for us lynx users. (Tell me you didn't laugh at that.) Lynx was in base, carefully audited, and ready for anything I could throw at it. And I did. Lynx will slurp in the entire mysql documentation as one file and let me search with absolute confidence and alacrity. Firefox? core dump every time, baby. I don't know about gopher, or those other protocols (that is, I don't use them,) but the web or files on localhost? Absolutely, lynx is where it's at! or, where it's been ... For seven years, I've
Re: lynx: disable old protocols
On 2014/07/19 01:29, Ville Valkonen wrote: what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this.
Re: lynx: disable old protocols
On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote: On 2014/07/19 01:29, Ville Valkonen wrote: what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this. That would be awesome no matter if we have or don't have a browser in base.
Re: lynx: disable old protocols
On 2014/07/19 12:28, Stuart Henderson wrote: On 2014/07/19 01:29, Ville Valkonen wrote: what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this. Oh, this nearly works, but pkg.conf needs a full pkgpath (with either version number or snapshots and machine arch)... Marc, would you consider permitting variables (either just in pkg.conf, or in PKG_PATH in general) which are replaced at runtime with the current OS version and cpu arch? That way we could provide a sample pkg.conf that looks something like the excerpt below: -- -- -- -- # $OpenBSD$ # Users of release versions can simply uncomment a line. # Users of snapshots should replace %V with the word 'snapshots'. # Australia #installpath=http://mirror.internode.on.net/pub/OpenBSD/%V/packages/%A/ #installpath=http://mirror.aarnet.edu.au/pub/OpenBSD/%V/packages/%A/ #installpath=http://ftp.iinet.net.au/pub/OpenBSD/%V/packages/%A/ # Austria #installpath=http://ftp5.eu.openbsd.org/ftp/pub/OpenBSD/%V/packages/%A/ #installpath=http://ftp2.eu.openbsd.org/pub/OpenBSD/%V/packages/%A/ ... -- -- -- --
Re: lynx: disable old protocols
On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote: Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this. This addresses the list of package mirrors. What about the list of anoncvs mirrors? That's the other task I would sometimes use lynx for. If I'm installing on a machine in a different location, I'd like to use a closer mirror than the ones I memorized. You could have mirrors.dat as a one time update since the packages are signed. The main issues would be if a mirror wants to get added/deleted in between releases or if some mirror is compromised and stops sending out new packages. It's different with anoncvs since we're relying on the ssh pubkeys and the updates are not signed. Would it make sense to have a package that contains a list of the anoncvs mirrors + ssh fingerprints? The list would be signed and updated in the same manner as other packages. It may make sense to throw mirrors.dat in there so it is signed and updated as well. The first mirrors.dat update is bootstrapped from the installation and then updated as a package.
Re: lynx: disable old protocols
On 19 lip 2014, at 15:25, Doug Hogan d...@acyclic.org wrote: On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote: Personally I remember a few nearby mirror URLs, but I do think this could be improved - we could add a sample pkg.conf file to /etc/examples with a list of mirrors updated from mirrors.dat. Unless there are objections to that idea, I'll look at modifying the scripts for this. This addresses the list of package mirrors. What about the list of anoncvs mirrors? That's the other task I would sometimes use lynx for. If I'm installing on a machine in a different location, I'd like to use a closer mirror than the ones I memorized. Having the possibility to install packages you can install lynx, links or whatever text mode browser you prefer. Regards, Kamil -- It's just a matter of opinion.
Re: lynx: disable old protocols
On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote: On 2014/07/16 16:00, Jean-Philippe Ouellet wrote: Oh come on... It's not like the URLs are some giant uuid-based madness or something. All the mirrors have the same simple layout. If you install lots of boxes regularly, it doesn't take long to memorize the name of your closest mirror. If you don't install lots of stuff, then just set installpath in your pkg.conf and forget about it. If you choose your mirror from the list in the installer, this is already set automatically in pkg.conf. Hello Stuart, what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Previously I've used lynx to navigate on the project's website and copypaste mirror URL with tmux. Thanks in advance, Ville
Re: lynx: disable old protocols
ftp -o - http://ftp.openbsd.org/pub/OpenBSD/snapshots/ftplist | some script, or maybe your eyes and pick one. On Fri, Jul 18, 2014 at 4:29 PM, Ville Valkonen weezeld...@gmail.com wrote: On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote: On 2014/07/16 16:00, Jean-Philippe Ouellet wrote: Oh come on... It's not like the URLs are some giant uuid-based madness or something. All the mirrors have the same simple layout. If you install lots of boxes regularly, it doesn't take long to memorize the name of your closest mirror. If you don't install lots of stuff, then just set installpath in your pkg.conf and forget about it. If you choose your mirror from the list in the installer, this is already set automatically in pkg.conf. Hello Stuart, what would you suggest for situations where installXX.iso is burned to a CD to avoid downloading sets from the net due a slow Internet connection? When sets are installed from the CD it doesn't set PKG_PATH. I couldn't find any mirror list from the ISO image by grepping. Previously I've used lynx to navigate on the project's website and copypaste mirror URL with tmux. Thanks in advance, Ville
Re: lynx: disable old protocols
What about the other direction, what about all the poeple who believe that lynx is the end-all, be-all choice for secure browsing, because they believe that it's the only browser that is held to the audit standards of being included in OpenBSD base. If it isn't, isn't there a responsibility to disclose that, and possibly remove it from base. The only chicken and egg issue I can see with it, is that you use it to get a list of mirrors for your newly installed system, so you can set the pkg_path. I'd love it if we included another method for discovering that, a copy of mirrors in /usr/share/docs, or even a second email sent to root. I'd also like to point out that Shawn has broken the social contract here, it's well known that it's generally considered rude to direct developers, in this forum. I think it's also a well-known part of the shut up and hack, culture, that he can offer to audit and maintain lynx in a manner consistent with the rest of base, or be quiet about it. No users are being harmed in the removal of unmaintained code. I'm shocked at how hard people would push back, against having to install a package.
Re: lynx: disable old protocols
On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote: I'd also like to point out that Shawn has broken the social contract here, it's well known that it's generally considered rude to direct developers, in this forum. Every single free or open-source software project I have ever used has been shaped by user feedback. Most take it seriously when users say they still use functionality that's being slated for removal. So Patric, you can take this social contract of yours and shove it up your ass. I don't recognize it as anything but toilet paper. Shawn -- leave this list.
Re: lynx: disable old protocols
On 07/16/14 17:00, Shawn K. Quinn wrote: On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote: I'd also like to point out that Shawn has broken the social contract here, it's well known that it's generally considered rude to direct developers, in this forum. Every single free or open-source software project I have ever used has been shaped by user feedback. Most take it seriously when users say they still use functionality that's being slated for removal. So Patric, you can take this social contract of yours and shove it up your ass. I don't recognize it as anything but toilet paper. Shawn, I'm sorry but that's really out of line. Lynx will move to ports, which is the best of both worlds. It may be of questionable quality, so not in base, but with lots of other software, also of questionable quality *but available to all*. So that's it. Case closed, in a reasonable manner, I think. --STeve Andre'
Re: lynx: disable old protocols
For the rest of us who prefer to use software instead of demanding changes, this simply means using OpenBSD in a strictly-isolated environment becomes a bit more difficult. I'm still not willing to use Linux LiveCDs in certain environments for the most part, and I'll just get used to having the ports I absolutely need (probably elinks or Firefox, at this point, not lynx!) on a pre-burned CD. Related question: what happened to putting the most commonly-used pkgs on the CDs? Did we just run out of room? My 5.5 CD set has a grand total of about 8 packages IIRC. Most of us get that you're all hacking on OpenBSD primarily to scratch a personal itch and secondarily to provide something good to the rest of the world. I recall reading somewhere a summary of the tech@ attitude, which boiled down to if you can use our code, great, otherwise go away and stop bothering us. I'll keep providing opinions and feedback, but even (sizeable) donations to the foundation don't earn me the *right* to be heeded. Apologies for the noise on tech@, but moving to misc would be even worse. -Adam On July 16, 2014 4:08:09 PM CDT, STeve Andre' and...@msu.edu wrote: On 07/16/14 17:00, Shawn K. Quinn wrote: On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote: I'd also like to point out that Shawn has broken the social contract here, it's well known that it's generally considered rude to direct developers, in this forum. Every single free or open-source software project I have ever used has been shaped by user feedback. Most take it seriously when users say they still use functionality that's being slated for removal. So Patric, you can take this social contract of yours and shove it up your ass. I don't recognize it as anything but toilet paper. Shawn, I'm sorry but that's really out of line. Lynx will move to ports, which is the best of both worlds. It may be of questionable quality, so not in base, but with lots of other software, also of questionable quality *but available to all*. So that's it. Case closed, in a reasonable manner, I think. --STeve Andre' -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: lynx: disable old protocols
For the rest of us who prefer to use software instead of demanding changes, this simply means using OpenBSD in a strictly-isolated environment becomes a bit more difficult. This statement makes no sense. Why would you strictly isolate the environment? Because you want security. In that case, have you read the code for lynx? I'm still not willing to use Linux LiveCDs in certain environments for the most part, and I'll just get used to having the ports I absolutely need (probably elinks or Firefox, at this point, not lynx!) on a pre-burned CD. Piece of cake. Related question: what happened to putting the most commonly-used pkgs on the CDs? Did we just run out of room? My 5.5 CD set has a grand total of about 8 packages IIRC. Yes, we run out, actually on a regular basis. I don't think people realize how much effort goes into re-fitting things. Most releases it is simple, but other releases we suddenly must revamp the layout pretty substantially. It isn't some amateur 1 hour effort. I do not know yet what happens for 5.6, I have not repeated the 5.5 layout yet. pkg_add uses signify keys now. You can use the internet to get packages. They do not need to be on the release CD. Most of us get that you're all hacking on OpenBSD primarily to scratch a personal itch and secondarily to provide something good to the rest of the world. I recall reading somewhere a summary of the tech@ attitude, which boiled down to if you can use our code, great, otherwise go away and stop bothering us. Thank you.
Re: lynx: disable old protocols
On Wed, Jul 16, 2014 at 4:00 PM, Shawn K. Quinn skqu...@rushpost.com wrote: On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote: I'd also like to point out that Shawn has broken the social contract here, it's well known that it's generally considered rude to direct developers, in this forum. Every single free or open-source software project I have ever used has been shaped by user feedback. Most take it seriously when users say they still use functionality that's being slated for removal. So Patric, you can take this social contract of yours and shove it up your ass. I don't recognize it as anything but toilet paper. And the ports devs did listen ***seriously***. bcallah@ provided an initial port and sthen@ gave some feedback. It might make it into the ports tree.Are you not subscribed to ports@? Lynx is probably just a pkg_add away. Or if that effort is abandoned, you can whip up your own port based on bcallah@ initial port. This project is also shaped by user feedback. Otherwise, those two wouldn't have bothered wasting their time on lynx.
Re: lynx: disable old protocols
On 7/11/2014 2:03 AM, Theo de Raadt wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? I absolutely would use it if it were only available in ports. I only complain about gopher support being removed because lynx has the best gopher browsing experience around, and in OpenBSD-land, there's no alternative other than building it and installing it out-of-band. I would happily use a package, be it instead of or in addition to a stripped-down lynx in base. wrt. auditing it, should we send patches here? Or upstream?
Re: lynx: disable old protocols
With your attitude, I beg you to please go run some other operating system.
Re: lynx: disable old protocols
On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote: wrt. auditing it, should we send patches here? Or upstream? I'd send them both places, if they apply cleanly to both sets of code. Otherwise, send them here. I'd love to be proven wrong about the maintainers not really giving a shit about the users, and accepting packages which make gopher browsing more secure or improve the code quality would help. BTW, I forgot to ask, where are the exploits for this poor quality code? i.e. if I'm browsing a gopher site with the current Lynx as root, what exactly do I have to stumble upon to get owned? Or is it just a this is ugly in a few places kind of vague feeling by some devs? I have a feeling there aren't any (exploits), but I thought I'd ask anyway. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
Why haven't you left? Please leave. On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote: wrt. auditing it, should we send patches here? Or upstream? I'd send them both places, if they apply cleanly to both sets of code. Otherwise, send them here. I'd love to be proven wrong about the maintainers not really giving a shit about the users, and accepting packages which make gopher browsing more secure or improve the code quality would help. BTW, I forgot to ask, where are the exploits for this poor quality code? i.e. if I'm browsing a gopher site with the current Lynx as root, what exactly do I have to stumble upon to get owned? Or is it just a this is ugly in a few places kind of vague feeling by some devs? I have a feeling there aren't any (exploits), but I thought I'd ask anyway. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
On Sun, 2014-07-13 at 01:38 -0600, Theo de Raadt wrote: With your attitude, I beg you to please go run some other operating system. The plan is when the first Bitrig release comes out, I'm done and switch to that. The donations I was going to make to your project later this year? Not anymore. They are either going to Bitrig, or maybe some even to the FSF. Oh, the latter I would love to do especially since you keep trashing Richard Stallman every chance you get, even after the FSF gave you an award. (Did they ever ask for that award back? The FSF is run by a lot of nice people. Maybe they are too nice to have asked for you to return the award, but they should have. The lack of gratitude shown by your ridicule of RMS after getting it is just plain atrocious and casts a black eye on the open source movement you claim to be part of.) By the way, you would not have had BSD source code to hack on without the efforts of RMS. Think about that next time before you insult him. Show a little fucking gratitude for a change. Until then, I'm going to keep a close eye on changes under /usr/src/gnu/usr.bin/lynx and undo them on my own system if it disables useful functionality. It's just outrageous I have to do this to keep things like gopher support. BTW, I still want to see an actual exploit. None of this the code looks shitty vagueness. Look hard enough, you'll find code that looks shitty everywhere. -- Shawn K. Quinn skqu...@rushpost.com OpenBSD: Where do you want to go today?
Re: lynx: disable old protocols
On Sun, Jul 13, 2014 at 02:26:10AM -0500, Shawn K. Quinn wrote: On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote: wrt. auditing it, should we send patches here? Or upstream? I'd send them both places, if they apply cleanly to both sets of code. Otherwise, send them here. I'd love to be proven wrong about the maintainers not really giving a shit about the users, and accepting packages which make gopher browsing more secure or improve the code quality would help. BTW, I forgot to ask, where are the exploits for this poor quality code? i.e. if I'm browsing a gopher site with the current Lynx as root, what exactly do I have to stumble upon to get owned? Or is it just a this is ugly in a few places kind of vague feeling by some devs? I have a feeling there aren't any (exploits), but I thought I'd ask anyway. Sigh, you want to make use spend time on writing exploits for every potential problem found? That means any developemt will grind to a halt. If you don't trust our judgement, then don't use OpenBSD. -Otto
Re: lynx: disable old protocols
Why haven't you left yet Shawn?
Re: lynx: disable old protocols
On Sun, 2014-07-13 at 02:01 -0600, Theo de Raadt wrote: Why haven't you left yet Shawn? Because for the moment, I still am an OpenBSD user. And you haven't answered my question why there's been no exploit of this poor quality code (in the entire history of Lynx going back to 1992, no less). It's so easy to look at code and say it's shitty. It's another to prove it. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
You demand us to do work? Please leave immediately. On Sun, 2014-07-13 at 02:01 -0600, Theo de Raadt wrote: Why haven't you left yet Shawn? Because for the moment, I still am an OpenBSD user. And you haven't answered my question why there's been no exploit of this poor quality code (in the entire history of Lynx going back to 1992, no less). It's so easy to look at code and say it's shitty. It's another to prove it. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
On Sat, Jul 12, 2014 at 21:43, Shawn K. Quinn wrote: For now, I'm going to make sure my Lynx still has full functionality if I have to manually unfuck the Makefile myself everytime after I update my sources. In the future? Maybe I (and the other users who actually give a shit about having non-crippled software) should have switched to BitRig (or NetBSD, or maybe even something else) already. It's a shame because I was looking to buy a CD set for 5.6, too. But I won't if Lynx isn't all there in 5.6-release, and I'll be donating the money to another project (most likely BitRig) instead. Feel free to follow my lead should you desire. That's a strange choice. bitrig deleted lynx entirely quite some time ago. You won't find gopher support there either.
Re: lynx: disable old protocols
On Sun, 2014-07-13 at 02:23 -0600, Theo de Raadt wrote: You demand us to do work? Please leave immediately. No, I'm asking why there's been no exploit, not necessarily for you to write one. In fact, Theo, I'd really rather you not try to write one, since apparently you're averse to the idea of doing so. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
On Sun, Jul 13, 2014 at 02:58:04AM -0500, Shawn K. Quinn wrote: | On Sun, 2014-07-13 at 01:38 -0600, Theo de Raadt wrote: | With your attitude, I beg you to please go run some other | operating system. | | The plan is when the first Bitrig release comes out, I'm done and switch | to that. The donations I was going to make to your project later this | year? Not anymore. They are either going to Bitrig, or maybe some even | to the FSF. Oh, the latter I would love to do especially since you keep | trashing Richard Stallman every chance you get, even after the FSF gave | you an award. (Did they ever ask for that award back? The FSF is run by | a lot of nice people. Maybe they are too nice to have asked for you to | return the award, but they should have. The lack of gratitude shown by | your ridicule of RMS after getting it is just plain atrocious and casts | a black eye on the open source movement you claim to be part of.) | | By the way, you would not have had BSD source code to hack on without | the efforts of RMS. Think about that next time before you insult him. | Show a little fucking gratitude for a change. And you show your gratitude for the free software that you use by telling the people that wrote it how to behave and making demands from them? Should OpenBSD keep lynx as it is because you and maybe a handful of others want it to stay that way? Some (extremely small) subset of users get to decide how things are? I believe the answer to the last question should be yes: but I don't think you are in that subset. The people maintaining OpenBSD get to maintain it. You get to use it. You choose to complain, they choose to ignore or ridicule you. | Until then, I'm going to keep a close eye on changes | under /usr/src/gnu/usr.bin/lynx and undo them on my own system if it | disables useful functionality. It's just outrageous I have to do this to | keep things like gopher support. Why is that outrageous?! Is it really outrageous that you get all the stuff you need to turn this into exactly what you want for free? Including, in this case, advance notification? Should Theo come to your house and do a little song and dance for you too? This is Open Source Software. You've stated it loud enough. | BTW, I still want to see an actual exploit. None of this the code looks | shitty vagueness. Look hard enough, you'll find code that looks shitty | everywhere. Why do you want to see an actual exploit? Do you want to see an actual exploit for changes that have gone into any other part of the tree? Ted (and others, I'm singling out Ted as he's become the personification of deleting stuff) has been deleting lots of arcane stuff from the tree; why are you not demanding things like fsplit are brought back, asking where exploits are? I know why not: you are not a fortran user. You don't use fsplit. You, and a few others, have stated you still use lynx with gopher and/or other protocols. Great: submit a port and use that. It's perfectly OK to actually participate in the development with submitting changes instead of getting all worked up when things don't happen the way you want them to. Things in OpenBSD have changed a lot since I started using it, and not always to my liking. I just deal with it. Why can't you? Why does anybody in OpenBSD owe you anything? Where does your sense of entitlement stem from? Cheers, Paul 'WEiRD' de Weerd -- [++-]+++.+++[---].+++[+ +++-].++[-]+.--.[-] http://www.weirdnet.nl/
Re: lynx: disable old protocols
On 2014-07-11 Fri 03:03 AM |, Theo de Raadt wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? Several times a week I use lynx for http or local html docs. If it wasn't in base, I'd install it/some similar package via siteXX.tgz
Re: lynx: disable old protocols
On Fri, 2014-07-11 at 03:03 -0600, Theo de Raadt wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? Not only would I know of its existence and go install it to use, I would wonder out loud why the hell it's not in base. Furthermore, if it had been intentionally crippled to exclude rare but definitely used protocols like gopher that are part of stock Lynx as released by the current maintainers, I would wonder what kind of whacked out hallucinogenics someone had to have been on to do such a thing. (It's something I'd expect from Firefox developers, but definitely not from OpenBSD maintaners.) If there's a security hole related to gopher or bibp, let's fix it, let's not up and drop support for those protocols because of it. People do use these protocols even in 2014. If it's code bloat, I'd like to know just how much code we're talking about. Unless we're going to try to put Lynx on install media (and I am definitely not suggesting that we do), 1.7 megabytes really isn't all that big (it's actually smaller than ftp). If you have gamesXX.tgz installed and never play them you have no business complaining about bloat on a binary of that size. Looking back over this patch, I see no reason to break telnet support since we still ship a telnet client. (In case anyone brings this up, I see no reason to remove telnet from base either.) Also, there's no good reason I can think of to break rlogin and tn3270 support for the people who have those installed and need to use it. I retract any support I may have indicated. Now, should the upstream remove this support for whatever reason, that's an entirely different can of worms. But if it ain't broke, don't fix it. And from here it looks like it ain't broke. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
If there's a security hole related to gopher or bibp, let's fix it, let's not up and drop support for those protocols because of it. People do use these protocols even in 2014. let's is a contraction for let us. Basically the community must audit lynx, if they want it to remain in base. Those of us who have glanced judged it to be of poor quality. If it's code bloat, I'd like to know just how much code we're talking about. This is open source. You know you can find the source yourself and read it? Or .. perhaps you can't, and just wish to preach to us?
Re: lynx: disable old protocols
On Sat, Jul 12, 2014 at 06:11:16AM -0500, Shawn K. Quinn wrote: On Fri, 2014-07-11 at 03:03 -0600, Theo de Raadt wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? Not only would I know of its existence and go install it to use, I would wonder out loud why the hell it's not in base. Furthermore, if it had been intentionally crippled to exclude rare but definitely used protocols like gopher that are part of stock Lynx as released by the current maintainers, I would wonder what kind of whacked out hallucinogenics someone had to have been on to do such a thing. (It's something I'd expect from Firefox developers, but definitely not from OpenBSD maintaners.) Beware with such statements, some have both hats. Landry
Re: lynx: disable old protocols
On Sat, 2014-07-12 at 06:11 -0500, Shawn K. Quinn wrote: If it's code bloat, I'd like to know just how much code we're talking about. Unless we're going to try to put Lynx on install media (and I am definitely not suggesting that we do), 1.7 megabytes really isn't all that big (it's actually smaller than ftp). If you have gamesXX.tgz installed and never play them you have no business complaining about bloat on a binary of that size. The recent patch which removes bibp support and breaks telnet URLs removes a whopping 8k or so (at least on amd64 here, versus -current from a couple days before). If hard drives still topped out at a gigabyte or less that might be an impressive reduction, but those days are long gone. Taking out dired, gopher, news, and finger only makes a total reduction of some 121k. Again, it might make a difference if your whole hard disk is under a gigabyte. Today, a terabyte or significant fraction thereof is more likely. So, not impressive given what we're losing by saving that small amount of disk space. And this comment: leave gopher, news, and dired in place for now. but we will soon catch up to the security level of internet explorer 7 by removing these too. This is complete bullshit, to the point where I would think it came straight from Microsoft's PR department. There is no way in hell that Lynx was ever as insecure as Internet Explorer 7, much less is today. Lynx, by its very nature, is one of the most secure browsers out there, as it lacks almost all of the attack vectors (Javascript, CSS, etc) that, say, Firefox or Chrome has. The most recent advisory for Lynx I found was from 2005, then one from 2003, then one from 2000. That's three over a six-year span, then bupkis for the next nine. I think a more appropriate way of wording this comment in full is: despite several messages on tech@, start gutting lynx under the guise of security. specifically, ignore the people who said bibp is in use and get rid of it. break telnet, rlogin, and tn3270 for the hell of it. leave gopher, news, and dired in place for now. but we will soon catch up to Microsoft's level of saying 'fuck the users' by removing these too, because we feel like it. ok's for the version of this diff that removes even more protocols from deraadt@, tedu@. general support from other devs. again, fuck the people actually using our software, fuck gopher, fuck bibp, fuck nntp and Usenet. OpenBSD: where do you want to go today? Seriously, if you are worried about getting hacked from using Lynx (and I mean real Lynx as distributed, with support for gopher, finger, bibp, telnet, and the kitchen sink included), maybe the Internet is just not for you. As for me, I feel safe running Lynx as root. I'd be surprised to find that many people who were not. Finally, I'm horrified that bibp support was removed, and telnet support was broken, *after* others said they were still using it. I expect this kind of ham-fisted fuck the users move from companies like Microsoft and Apple. I honestly never thought I'd see the day that it would happen in OpenBSD. For now, I'm going to make sure my Lynx still has full functionality if I have to manually unfuck the Makefile myself everytime after I update my sources. In the future? Maybe I (and the other users who actually give a shit about having non-crippled software) should have switched to BitRig (or NetBSD, or maybe even something else) already. It's a shame because I was looking to buy a CD set for 5.6, too. But I won't if Lynx isn't all there in 5.6-release, and I'll be donating the money to another project (most likely BitRig) instead. Feel free to follow my lead should you desire. -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
Maybe I (and the other users who actually give a shit about having non-crippled software) should have switched to BitRig (or NetBSD, or maybe even something else) already. Good luck, I won't miss you!
Re: lynx: disable old protocols
On Thu, 10 Jul 2014 23:17:44 -0400, Daniel Dickman wrote: For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Gopher and NNTP are actually still being used (the former a bit sparsely, but there are a few servers here and there). The rest I don't mind seeing disappear (we don't ship the telnet and rlogin programs anymore AFAIK, I've never heard of bibp, and we have a finger program as an alternative to the functionality in lynx). this support does not need to be in base. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. I don't see a good reason to get rid of this. What is the rationale? I want a text browser not a file manager. And what do you gain by killing the file editor? Provided it doesn't prevent my use of vi (set up as system editor, invoked with e) I don't care. I love that simple e when doing major config changes or pf.conf etc etc. *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
Re: lynx: disable old protocols
Pretty standard thing in several companies I do work for is to have an intranet page with http://, ssh://, telnet:// and finger:// (amazingly) links to various devices on the network. Having to read the source and escape to a shell would be somewhat worse than what I get on a base install today. IIRC, finger was how we got a quick status overview from... some piece of ATM switching gear? And yes, I actually do spend a noticeable amount of time at the text console, with no ports installed, when inside a foreign network. -Adam This banter is annoying. Please go read the code in question, carefully. You only need to spend 30 minutes. It will change your mind.
Re: lynx: disable old protocols
I don't see a good reason to get rid of this. What is the rationale? Daniel appears to have made a mistake asking for approval on the wrong list. He's new here, take it easy on him.
Re: lynx: disable old protocols
On 2014/07/11 01:18, Theo de Raadt wrote: I too use gopher in lynx regularly, and would miss support. There is = still a surprisingly active community using gopher. (floodgap, et al.) So install a package. Should we just move lynx to packages?
Re: lynx: disable old protocols
On Fri, 11 Jul 2014 09:48:12 +0100 Stuart Henderson st...@openbsd.org wrote: | On 2014/07/11 01:18, Theo de Raadt wrote: | I too use gopher in lynx regularly, and would miss support. There is = | still a surprisingly active community using gopher. (floodgap, et al.) | | So install a package. | | Should we just move lynx to packages? | I find lynx really handy to have in base, e.g. installing on a new machine, users can just go to openbsd.org and cut and paste a pkg_path prior to installing anything, and read the faq. Using openbsd for the first time would have been a lot more painful without a browser in base.
Re: lynx: disable old protocols
On 2014/07/11 18:51, Brett Mahar wrote: On Fri, 11 Jul 2014 09:48:12 +0100 Stuart Henderson st...@openbsd.org wrote: | On 2014/07/11 01:18, Theo de Raadt wrote: | I too use gopher in lynx regularly, and would miss support. There is = | still a surprisingly active community using gopher. (floodgap, et al.) | | So install a package. | | Should we just move lynx to packages? | I find lynx really handy to have in base, e.g. installing on a new machine, users can just go to openbsd.org and cut and paste a pkg_path prior to installing anything, and read the faq. Using openbsd for the first time would have been a lot more painful without a browser in base. Thing is, if we need another version of lynx in packages to support gopher, having one in base as well just gets confusing..
Re: lynx: disable old protocols
I find lynx really handy to have in base, e.g. installing on a new machine, users can just go to openbsd.org and cut and paste a pkg_path prior to installing anything, and read the faq. that is why it is in base. but someone on the list wants to visit the openbsd gopher page to get that information. crazy people -- you are bat shit crazy.
Re: lynx: disable old protocols
If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it?
Re: lynx: disable old protocols
On Fri, Jul 11, 2014 at 09:56, Stuart Henderson wrote: On 2014/07/11 18:51, Brett Mahar wrote: On Fri, 11 Jul 2014 09:48:12 +0100 Stuart Henderson st...@openbsd.org wrote: | On 2014/07/11 01:18, Theo de Raadt wrote: | I too use gopher in lynx regularly, and would miss support. There is = | still a surprisingly active community using gopher. (floodgap, et al.) | | So install a package. | | Should we just move lynx to packages? | I find lynx really handy to have in base, e.g. installing on a new machine, users can just go to openbsd.org and cut and paste a pkg_path prior to installing anything, and read the faq. Using openbsd for the first time would have been a lot more painful without a browser in base. Thing is, if we need another version of lynx in packages to support gopher, having one in base as well just gets confusing.. No more than many versions of gcc in base and ports, I think. We could call it elynx. :) We have documentation in html format, so I think we need a basic text browser in base to view it.
Re: lynx: disable old protocols
On 2014/07/11 05:05, Ted Unangst wrote: On Fri, Jul 11, 2014 at 09:56, Stuart Henderson wrote: On 2014/07/11 18:51, Brett Mahar wrote: On Fri, 11 Jul 2014 09:48:12 +0100 Stuart Henderson st...@openbsd.org wrote: | On 2014/07/11 01:18, Theo de Raadt wrote: | I too use gopher in lynx regularly, and would miss support. There is = | still a surprisingly active community using gopher. (floodgap, et al.) | | So install a package. | | Should we just move lynx to packages? | I find lynx really handy to have in base, e.g. installing on a new machine, users can just go to openbsd.org and cut and paste a pkg_path prior to installing anything, and read the faq. Using openbsd for the first time would have been a lot more painful without a browser in base. Thing is, if we need another version of lynx in packages to support gopher, having one in base as well just gets confusing.. No more than many versions of gcc in base and ports, I think. We could call it elynx. :) Yes, that's confusing too, especially with nginx. We have documentation in html format, so I think we need a basic text browser in base to view it. BIND, Lynx itself, Sendmail milters, ncurses.
Re: lynx: disable old protocols
On Thu, Jul 10, 2014 at 11:05:45PM -0400, Daniel Dickman wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. ok to commit? No, gopher can't go! Index: Makefile.bsd-wrapper === RCS file: /home/cvs/src/gnu/usr.bin/lynx/Makefile.bsd-wrapper,v retrieving revision 1.24 diff -u -p -u -r1.24 Makefile.bsd-wrapper --- Makefile.bsd-wrapper 15 Apr 2014 20:55:42 - 1.24 +++ Makefile.bsd-wrapper 11 Jul 2014 02:47:31 - @@ -5,7 +5,10 @@ CLEANFILES+= lynx.1 DPADD= ${LIBSSL} ${LIBCRYPTO} GNUCFLAGS= CC=${CC} CFLAGS=${CFLAGS} ${COPTS} ${OPT} LDFLAGS=${LDFLAGS} -CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug +CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug \ + --disable-bibp-urls --disable-finger --disable-gopher --disable-news \ + --disable-dired + HTMLDIR= /usr/share/doc/html HELPFILES= keystrokes/alt_edit_help.html keystrokes/bookmark_help.html \ keystrokes/cookie_help.html keystrokes/dired_help.html \ @@ -39,12 +42,18 @@ config: .FORCE PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} config.status: PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} ${CF} lynx.1: ${.CURDIR}/lynx.man
Re: lynx: disable old protocols
I would know of its existence, but likely not install it. As I said, I have workarounds. I remember how bad the code was years ago, so I agree with the idea in general, but it will be a pain in the butt for me every once in a while :-(. -Adam On July 11, 2014 4:03:29 AM CDT, Theo de Raadt dera...@cvs.openbsd.org wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: lynx: disable old protocols
* Stuart Henderson st...@openbsd.org [2014-07-11 10:49]: Should we just move lynx to packages? hmm. having a simple text browser in base is worthwile imo. and if it is just to download sth where i don't know the exact URL. personally, I haven't used lynx for anything but http and https in... what, a decade? -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: lynx: disable old protocols
On 7/11/14, Theo de Raadt dera...@cvs.openbsd.org wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? asking rhetorically? either way, yes, I would install lynx if it wasn't in base. I use it on a daily basis. --patrick
Re: lynx: disable old protocols
On Thu, 2014-07-10 at 23:05 -0400, Daniel Dickman wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Gopher and NNTP are actually still being used (the former a bit sparsely, but there are a few servers here and there). The rest I don't mind seeing disappear (we don't ship the telnet and rlogin programs anymore AFAIK, I've never heard of bibp, and we have a finger program as an alternative to the functionality in lynx). Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. I don't see a good reason to get rid of this. What is the rationale? -- Shawn K. Quinn skqu...@rushpost.com
Re: lynx: disable old protocols
On 07/10/14 23:17, Daniel Dickman wrote: For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Gopher and NNTP are actually still being used (the former a bit sparsely, but there are a few servers here and there). The rest I don't mind seeing disappear (we don't ship the telnet and rlogin programs anymore AFAIK, I've never heard of bibp, and we have a finger program as an alternative to the functionality in lynx). this support does not need to be in base. I very much use lynx for its gopher support. I would be sad to see it go. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. I don't see a good reason to get rid of this. What is the rationale? I want a text browser not a file manager.
Re: lynx: disable old protocols
As a user, not a developer... I still use finger, gopher, and news URLs at least once a year each. As a user, I disagree with turning support for those schemes off completely. Finger and news I can use another tool, and I'd concede that no-one really *needs* a news reader in base. (I still find having a finger client of some sort in base useful at one site, however.) Gopher, however, is not as dead as everyone assumes. I believe I can re-enable tn3270 and telnet schemes manually, which is fine. I still use both of those fairly often. The other protocols are irrelevant to me. -Adam On July 10, 2014 10:05:45 PM CDT, Daniel Dickman didick...@gmail.com wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. ok to commit? Index: Makefile.bsd-wrapper === RCS file: /home/cvs/src/gnu/usr.bin/lynx/Makefile.bsd-wrapper,v retrieving revision 1.24 diff -u -p -u -r1.24 Makefile.bsd-wrapper --- Makefile.bsd-wrapper 15 Apr 2014 20:55:42 - 1.24 +++ Makefile.bsd-wrapper 11 Jul 2014 02:47:31 - @@ -5,7 +5,10 @@ CLEANFILES+= lynx.1 DPADD=${LIBSSL} ${LIBCRYPTO} GNUCFLAGS= CC=${CC} CFLAGS=${CFLAGS} ${COPTS} ${OPT} LDFLAGS=${LDFLAGS} -CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug +CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug \ + --disable-bibp-urls --disable-finger --disable-gopher --disable-news \ + --disable-dired + HTMLDIR= /usr/share/doc/html HELPFILES= keystrokes/alt_edit_help.html keystrokes/bookmark_help.html \ keystrokes/cookie_help.html keystrokes/dired_help.html \ @@ -39,12 +42,18 @@ config: .FORCE PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} config.status: PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} ${CF} lynx.1: ${.CURDIR}/lynx.man -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: lynx: disable old protocols
On Jul 10, 2014, at 11:50 PM, Adam Thompson athom...@athompso.net wrote: As a user, not a developer... I still use finger, gopher, and news URLs at least once a year each. As a user, I disagree with turning support for those schemes off completely. Finger and news I can use another tool, and I'd concede that no-one really *needs* a news reader in base. (I still find having a finger client of some sort in base useful at one site, however.) finger(1) is still in base. (for now). do you really need to access a finger client from inside a web browser? for news, do any of the news packages in ports work as a replacement? Gopher, however, is not as dead as everyone assumes. I believe I can re-enable tn3270 and telnet schemes manually, which is fine. I still use both of those fairly often. tn3270 is no longer in base so trying this protocol from lynx already does nothing today. I'm just making it slightly more explicit... for telnet same thing as finger, do you really need to access this from within lynx? why doesn't using telnet from the command line work for you? The other protocols are irrelevant to me. thanks for your feedback. -Adam On July 10, 2014 10:05:45 PM CDT, Daniel Dickman didick...@gmail.com wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. ok to commit? Index: Makefile.bsd-wrapper RCS file: /home/cvs/src/gnu/usr.bin/lynx/Makefile.bsd-wrapper,v retrieving revision 1.24 diff -u -p -u -r1.24 Makefile.bsd-wrapper --- Makefile.bsd-wrapper 15 Apr 2014 20:55:42 - 1.24 +++ Makefile.bsd-wrapper 11 Jul 2014 02:47:31 - @@ -5,7 +5,10 @@ CLEANFILES+= lynx.1 DPADD= ${LIBSSL} ${LIBCRYPTO} GNUCFLAGS= CC=${CC} CFLAGS=${CFLAGS} ${COPTS} ${OPT} LDFLAGS=${LDFLAGS} -CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug +CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug \ + --disable-bibp-urls --disable-finger --disable-gopher --disable-news \ + --disable-dired + HTMLDIR= /usr/share/doc/html HELPFILES= keystrokes/alt_edit_help.html keystrokes/bookmark_help.html \ keystrokes/cookie_help.html keystrokes/dired_help.html \ @@ -39,12 +42,18 @@ config: .FORCE PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} config.status: PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} ${CF} lynx.1: ${.CURDIR}/lynx.man -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: lynx: disable old protocols
Pretty standard thing in several companies I do work for is to have an intranet page with http://, ssh://, telnet:// and finger:// (amazingly) links to various devices on the network. Having to read the source and escape to a shell would be somewhat worse than what I get on a base install today. IIRC, finger was how we got a quick status overview from... some piece of ATM switching gear? And yes, I actually do spend a noticeable amount of time at the text console, with no ports installed, when inside a foreign network. -Adam [Original message deleted] -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: lynx: disable old protocols
On 07/10/14 23:05, Daniel Dickman wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. ok to commit? No. Just because it's an older crufty protocol, it shouldn't be removed 'just because'. I keep on bumping into gopher. bibp is definitely used by others. --STeve Andre'
Re: lynx: disable old protocols
On Jul 10, 2014, at 8:05 PM, Daniel Dickman didick...@gmail.com wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. ok to commit? Index: Makefile.bsd-wrapper === RCS file: /home/cvs/src/gnu/usr.bin/lynx/Makefile.bsd-wrapper,v retrieving revision 1.24 diff -u -p -u -r1.24 Makefile.bsd-wrapper --- Makefile.bsd-wrapper 15 Apr 2014 20:55:42 - 1.24 +++ Makefile.bsd-wrapper 11 Jul 2014 02:47:31 - @@ -5,7 +5,10 @@ CLEANFILES+= lynx.1 DPADD=${LIBSSL} ${LIBCRYPTO} GNUCFLAGS=CC=${CC} CFLAGS=${CFLAGS} ${COPTS} ${OPT} LDFLAGS=${LDFLAGS} -CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug +CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug \ + --disable-bibp-urls --disable-finger --disable-gopher --disable-news \ + --disable-dired + HTMLDIR= /usr/share/doc/html HELPFILES=keystrokes/alt_edit_help.html keystrokes/bookmark_help.html \ keystrokes/cookie_help.html keystrokes/dired_help.html \ @@ -39,12 +42,18 @@ config: .FORCE PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} config.status: PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} ${CF} lynx.1: ${.CURDIR}/lynx.man I too use gopher in lynx regularly, and would miss support. There is still a surprisingly active community using gopher. (floodgap, et al.) signature.asc Description: Message signed with OpenPGP using GPGMail