On Wed, Apr 18, 2012 at 03:20:21PM -0400, Eric Bélanger wrote: > Hi, > > Currently, the inetutils packages provide the old unsecure r* family > of tools. There is currently a bug report [1] asking for the removal > of rexec as it it particularly unsecure. As these things are old and I > suppose everyone has moved to more secure apps like ssh/sftp, I'm > thinking about removing all these r* tools. > > Also, there is another bug report [2] about removing /bin/domainname. > This wrapper script is currently broken and users using NIS probably > already have yp-tools installed, which provides its own > /usr/bin/domainname. This will also fix a future conflict whenever > we'll get rid of /bin. > > In summary, I would like to remove the following binaries from inetutils: > > /bin/domainname > /usr/bin/rcp > /usr/bin/rexec > /usr/bin/rlogin > /usr/bin/rsh > /usr/sbin/rexecd > /usr/sbin/rlogind > /usr/sbin/rshd
Definite +1 here. > The inetutils package will continue to provide the following binaries: > > /bin/dnsdomainname > /bin/hostname > /usr/bin/ftp > /usr/bin/hostname > /usr/bin/talk > /usr/bin/telnet > /usr/sbin/ftpd > /usr/sbin/talkd > /usr/sbin/telnetd Sounds good to me. > Any objections, comments? > > Eric > > [1] https://bugs.archlinux.org/task/28819 > [2] https://bugs.archlinux.org/task/29529
