Thank you Bob and Stuart for the answers.
What Bob proposes is a bit cumbersome since it involves remembering
the full URL path.
Stuart's suggestion really addresses the problem I'm experiencing. I
admit there's only a bunch of cases where I haven't had my laptop
within me, or no nearby computer
Subject: Re: lynx: disable old protocols
From: weezeld...@gmail.com
To: b...@obtuse.com
CC: tech@openbsd.org; st...@openbsd.org
Thank you Bob and Stuart for the answers.
What Bob proposes is a bit cumbersome since it involves remembering
the full URL path.
Stuart's suggestion really
installation, not from the July 18
sets nor from the July 19 sets. I take off to MARC, and in 5 minutes
I'm reading this topic lynx: disable old protocols. For a while,
things look favorable for lynx to stay in base. I sure hope so,
but, hey, lynx ain't here now! My heart's beating faster
On 2014/07/19 01:29, Ville Valkonen wrote:
what would you suggest for situations where installXX.iso is burned to
a CD to avoid downloading sets from the net due a slow Internet
connection? When sets are installed from the CD it doesn't set
PKG_PATH. I couldn't find any mirror list from the
On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote:
On 2014/07/19 01:29, Ville Valkonen wrote:
what would you suggest for situations where installXX.iso is burned to
a CD to avoid downloading sets from the net due a slow Internet
connection? When sets are installed from the CD
On 2014/07/19 12:28, Stuart Henderson wrote:
On 2014/07/19 01:29, Ville Valkonen wrote:
what would you suggest for situations where installXX.iso is burned to
a CD to avoid downloading sets from the net due a slow Internet
connection? When sets are installed from the CD it doesn't set
On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote:
Personally I remember a few nearby mirror URLs, but I do think this could
be improved - we could add a sample pkg.conf file to /etc/examples with
a list of mirrors updated from mirrors.dat. Unless there are objections to
that
On 19 lip 2014, at 15:25, Doug Hogan d...@acyclic.org wrote:
On Sat, Jul 19, 2014 at 12:28:17PM +0100, Stuart Henderson wrote:
Personally I remember a few nearby mirror URLs, but I do think this could
be improved - we could add a sample pkg.conf file to /etc/examples with
a list of mirrors
On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote:
On 2014/07/16 16:00, Jean-Philippe Ouellet wrote:
Oh come on... It's not like the URLs are some giant uuid-based madness
or something. All the mirrors have the same simple layout. If you install
lots of boxes regularly, it
ftp -o - http://ftp.openbsd.org/pub/OpenBSD/snapshots/ftplist | some
script, or maybe your eyes and pick one.
On Fri, Jul 18, 2014 at 4:29 PM, Ville Valkonen weezeld...@gmail.com wrote:
On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote:
On 2014/07/16 16:00, Jean-Philippe Ouellet
What about the other direction, what about all the poeple who believe that
lynx is the end-all, be-all choice for secure browsing, because they
believe that it's the only browser that is held to the audit standards of
being included in OpenBSD base. If it isn't, isn't there a responsibility
to
On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote:
I'd also like to point out that Shawn has broken the social contract
here, it's well known that it's generally considered rude to direct
developers, in this forum.
Every single free or open-source software project I have ever used has
On 07/16/14 17:00, Shawn K. Quinn wrote:
On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote:
I'd also like to point out that Shawn has broken the social contract
here, it's well known that it's generally considered rude to direct
developers, in this forum.
Every single free or open-source
For the rest of us who prefer to use software instead of demanding changes,
this simply means using OpenBSD in a strictly-isolated environment becomes a
bit more difficult.
I'm still not willing to use Linux LiveCDs in certain environments for the most
part, and I'll just get used to having
For the rest of us who prefer to use software instead of demanding
changes, this simply means using OpenBSD in a strictly-isolated
environment becomes a bit more difficult.
This statement makes no sense. Why would you strictly isolate the
environment? Because you want security. In that
On Wed, Jul 16, 2014 at 4:00 PM, Shawn K. Quinn skqu...@rushpost.com
wrote:
On Wed, 2014-07-16 at 13:56 -0500, patric conant wrote:
I'd also like to point out that Shawn has broken the social contract
here, it's well known that it's generally considered rude to direct
developers, in this
On 7/11/2014 2:03 AM, Theo de Raadt wrote:
If lynx was removed from base, and only available in ports... how many of
you would even know of it's existance and use it?
I absolutely would use it if it were only available in ports.
I only complain about gopher support being removed because lynx
With your attitude, I beg you to please go run some other
operating system.
On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote:
wrt. auditing it, should we send patches here? Or upstream?
I'd send them both places, if they apply cleanly to both sets of code.
Otherwise, send them here. I'd love to be proven wrong about the
maintainers not really giving a shit about the
Why haven't you left?
Please leave.
On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote:
wrt. auditing it, should we send patches here? Or upstream?
I'd send them both places, if they apply cleanly to both sets of code.
Otherwise, send them here. I'd love to be proven wrong about the
On Sun, 2014-07-13 at 01:38 -0600, Theo de Raadt wrote:
With your attitude, I beg you to please go run some other
operating system.
The plan is when the first Bitrig release comes out, I'm done and switch
to that. The donations I was going to make to your project later this
year? Not anymore.
On Sun, Jul 13, 2014 at 02:26:10AM -0500, Shawn K. Quinn wrote:
On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote:
wrt. auditing it, should we send patches here? Or upstream?
I'd send them both places, if they apply cleanly to both sets of code.
Otherwise, send them here. I'd love to be
Why haven't you left yet Shawn?
On Sun, 2014-07-13 at 02:01 -0600, Theo de Raadt wrote:
Why haven't you left yet Shawn?
Because for the moment, I still am an OpenBSD user. And you haven't
answered my question why there's been no exploit of this poor quality
code (in the entire history of Lynx going back to 1992, no less).
You demand us to do work?
Please leave immediately.
On Sun, 2014-07-13 at 02:01 -0600, Theo de Raadt wrote:
Why haven't you left yet Shawn?
Because for the moment, I still am an OpenBSD user. And you haven't
answered my question why there's been no exploit of this poor quality
code (in
On Sat, Jul 12, 2014 at 21:43, Shawn K. Quinn wrote:
For now, I'm going to make sure my Lynx still has full functionality if
I have to manually unfuck the Makefile myself everytime after I update
my sources. In the future? Maybe I (and the other users who actually
give a shit about having
On Sun, 2014-07-13 at 02:23 -0600, Theo de Raadt wrote:
You demand us to do work?
Please leave immediately.
No, I'm asking why there's been no exploit, not necessarily for you to
write one. In fact, Theo, I'd really rather you not try to write one,
since apparently you're averse to the idea
On Sun, Jul 13, 2014 at 02:58:04AM -0500, Shawn K. Quinn wrote:
| On Sun, 2014-07-13 at 01:38 -0600, Theo de Raadt wrote:
| With your attitude, I beg you to please go run some other
| operating system.
|
| The plan is when the first Bitrig release comes out, I'm done and switch
| to that. The
On 2014-07-11 Fri 03:03 AM |, Theo de Raadt wrote:
If lynx was removed from base, and only available in ports... how many of
you would even know of it's existance and use it?
Several times a week I use lynx for http or local html docs.
If it wasn't in base, I'd install it/some similar
On Fri, 2014-07-11 at 03:03 -0600, Theo de Raadt wrote:
If lynx was removed from base, and only available in ports... how many of
you would even know of it's existance and use it?
Not only would I know of its existence and go install it to use, I would
wonder out loud why the hell it's not in
If there's a security hole related to gopher or bibp, let's fix it,
let's not up and drop support for those protocols because of it. People
do use these protocols even in 2014.
let's is a contraction for let us.
Basically the community must audit lynx, if they want it to remain in base.
Those
On Sat, Jul 12, 2014 at 06:11:16AM -0500, Shawn K. Quinn wrote:
On Fri, 2014-07-11 at 03:03 -0600, Theo de Raadt wrote:
If lynx was removed from base, and only available in ports... how many of
you would even know of it's existance and use it?
Not only would I know of its existence and go
On Sat, 2014-07-12 at 06:11 -0500, Shawn K. Quinn wrote:
If it's code bloat, I'd like to know just how much code we're talking
about. Unless we're going to try to put Lynx on install media (and I am
definitely not suggesting that we do), 1.7 megabytes really isn't all
that big (it's actually
Maybe I (and the other users who actually
give a shit about having non-crippled software) should have switched to
BitRig (or NetBSD, or maybe even something else) already.
Good luck, I won't miss you!
On Thu, 10 Jul 2014 23:17:44 -0400, Daniel Dickman wrote:
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to false(1) as documented in the
lynx manual.
Gopher and NNTP are actually still being used (the former a bit
sparsely, but
Pretty standard thing in several companies I do work for is to have an
intranet page with http://, ssh://, telnet:// and finger:// (amazingly) links
to various devices on the network. Having to read the source and escape to a
shell would be somewhat worse than what I get on a base install
I don't see a good reason to get rid of this. What is the rationale?
Daniel appears to have made a mistake asking for approval on the wrong
list. He's new here, take it easy on him.
On 2014/07/11 01:18, Theo de Raadt wrote:
I too use gopher in lynx regularly, and would miss support. There is =
still a surprisingly active community using gopher. (floodgap, et al.)
So install a package.
Should we just move lynx to packages?
On Fri, 11 Jul 2014 09:48:12 +0100
Stuart Henderson st...@openbsd.org wrote:
| On 2014/07/11 01:18, Theo de Raadt wrote:
| I too use gopher in lynx regularly, and would miss support. There is =
| still a surprisingly active community using gopher. (floodgap, et al.)
|
| So install a
On 2014/07/11 18:51, Brett Mahar wrote:
On Fri, 11 Jul 2014 09:48:12 +0100
Stuart Henderson st...@openbsd.org wrote:
| On 2014/07/11 01:18, Theo de Raadt wrote:
| I too use gopher in lynx regularly, and would miss support. There is =
| still a surprisingly active community using gopher.
I find lynx really handy to have in base, e.g. installing on a new
machine, users can just go to openbsd.org and cut and paste a pkg_path
prior to installing anything, and read the faq.
that is why it is in base.
but someone on the list wants to visit the openbsd gopher page to get
that
If lynx was removed from base, and only available in ports... how many of
you would even know of it's existance and use it?
On Fri, Jul 11, 2014 at 09:56, Stuart Henderson wrote:
On 2014/07/11 18:51, Brett Mahar wrote:
On Fri, 11 Jul 2014 09:48:12 +0100
Stuart Henderson st...@openbsd.org wrote:
| On 2014/07/11 01:18, Theo de Raadt wrote:
| I too use gopher in lynx regularly, and would miss support. There
is =
On 2014/07/11 05:05, Ted Unangst wrote:
On Fri, Jul 11, 2014 at 09:56, Stuart Henderson wrote:
On 2014/07/11 18:51, Brett Mahar wrote:
On Fri, 11 Jul 2014 09:48:12 +0100
Stuart Henderson st...@openbsd.org wrote:
| On 2014/07/11 01:18, Theo de Raadt wrote:
| I too use gopher in lynx
On Thu, Jul 10, 2014 at 11:05:45PM -0400, Daniel Dickman wrote:
Patch below turns off the following ancient protocols built into lynx:
bibp, finger, gopher, and news.
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to false(1)
I would know of its existence, but likely not install it. As I said, I have
workarounds. I remember how bad the code was years ago, so I agree with the
idea in general, but it will be a pain in the butt for me every once in a while
:-(.
-Adam
On July 11, 2014 4:03:29 AM CDT, Theo de Raadt
* Stuart Henderson st...@openbsd.org [2014-07-11 10:49]:
Should we just move lynx to packages?
hmm. having a simple text browser in base is worthwile imo. and if it
is just to download sth where i don't know the exact URL.
personally, I haven't used lynx for anything but http and https in...
On 7/11/14, Theo de Raadt dera...@cvs.openbsd.org wrote:
If lynx was removed from base, and only available in ports... how many of
you would even know of it's existance and use it?
asking rhetorically?
either way, yes, I would install lynx if it wasn't in base.
I use it on a daily basis.
Patch below turns off the following ancient protocols built into lynx:
bibp, finger, gopher, and news.
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to false(1) as documented in the
lynx manual.
Finally, turn off the file editor
On Thu, 2014-07-10 at 23:05 -0400, Daniel Dickman wrote:
Patch below turns off the following ancient protocols built into lynx:
bibp, finger, gopher, and news.
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to false(1) as
On 07/10/14 23:17, Daniel Dickman wrote:
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to false(1) as documented in the
lynx manual.
Gopher and NNTP are actually still being used (the former a bit
sparsely, but there are a few
As a user, not a developer...
I still use finger, gopher, and news URLs at least once a year each. As a
user, I disagree with turning support for those schemes off completely.
Finger and news I can use another tool, and I'd concede that no-one really
*needs* a news reader in base. (I still
On Jul 10, 2014, at 11:50 PM, Adam Thompson athom...@athompso.net wrote:
As a user, not a developer...
I still use finger, gopher, and news URLs at least once a year each. As a
user, I disagree with turning support for those schemes off completely.
Finger and news I can use another tool,
Pretty standard thing in several companies I do work for is to have an intranet
page with http://, ssh://, telnet:// and finger:// (amazingly) links to various
devices on the network. Having to read the source and escape to a shell would
be somewhat worse than what I get on a base install
On 07/10/14 23:05, Daniel Dickman wrote:
Patch below turns off the following ancient protocols built into lynx:
bibp, finger, gopher, and news.
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to false(1) as documented in the
lynx
On Jul 10, 2014, at 8:05 PM, Daniel Dickman didick...@gmail.com wrote:
Patch below turns off the following ancient protocols built into lynx:
bibp, finger, gopher, and news.
For some urls, lynx will invoke an external command. Turn off telnet,
rlogin and tn3270 urls by defining them to
56 matches
Mail list logo