PSA: lpd/lpr will be removed from FreeBSD

atax1a said:
what a weirdly condescending reply, considering you dont even know how old we are, or the kind of old software we keep running outside of this forum. but ok. sounds like you'd rather complain than contribute, you do you.
Click to expand...
perception is usually everything. Given the difference in avatars, I think it's entirely reasonable to assume a generational gap. LOL For instance, when you see a stone head that looks like a grouchy Karl Marx so you think of someone born post-y2k? or do you add 50 years onto that?
 
kent_dorfman766 said:
perception is usually everything. Given the difference in avatars, I think it's entirely reasonable to assume a generational gap. LOL For instance, when you see a stone head that looks like a grouchy Karl Marx so you think of someone born post-y2k? or do you add 50 years onto that?
Click to expand...
unfortunately for those concerned, we don't exactly experience linear causality, and so cannot answer the question as asked.
 
hedwards said:
If you hang around the open source world, or really computers in general long enough, you'll have favorite pieces of software that get discontinued for one reason or another. If you're lucky, it can be run in an emulator or container, for most of the time that I've been using computers that wasn't a viable option.
Click to expand...

Weeell, hold on a second.

Some of us use open source software specifically because this cannot happen against the will of a sufficient fanbase of such software. You can never really take it away.

The issue at hand here is that software with security issues is not "finished" and needs such a sufficient fanbase to code on it. That is an entirely different matter from kicking out software that is finished for some time and does not pose a risk.
 
cracauer@ said:
Weeell, hold on a second.

Some of us use open source software specifically because this cannot happen against the will of a sufficient fanbase of such software. You can never really take it away.

The issue at hand here is that software with security issues is not "finished" and needs such a sufficient fanbase to code on it. That is an entirely different matter from kicking out software that is finished for some time and does not pose a risk.
Click to expand...
Sort of, any software that doesn't have DRM tied into a server can potentially be used forever. The open source stuff offers more options in terms of keeping it going longer, but nothing is permanent. But looking at what's been happening with Linux being increasingly held hostage by key packages that are deliberately not compatible, I wouldn't just assume that open source doesn't mean that there can't be serious issues that result anyways.

I don't think that you can really separate not finished from the security issues that can come later on that so cleanly. Especially in a time when so many software packages use various libraries that have various degrees of security and doneness involved.

That being said, I do think that there should be a considerable amount of caution in terms of removing things if there isn't an obvious security or other issue to trigger it. But, that being said, ensuring that it's at least somewhat secure isn't free. It's just cheap these days.
 
atax1a said:
was there this much handwringing when they removed telnetd
Click to expand...
This one was a little crap in my opinion.

Sure, SSH is kind of the secure alternative but if you have ever tried to log into a truly ancient machine, it simply fails because the different encryption methods no longer align.
A more resilient choice is to keep telnetd, or have a standardized "null encryption" for SSH. Did telnetd need to be maintained? Not really, its a simple daemon it could simply idle there and not be removed.

That said, lpd, lpr, and telnetd are not part of POSIX / SUS so it isn't *too* terrible. (Though they are part of BSD heritage, lp is part of POSIX/SUS).
 
malco_2001 said:
Why do they need removed? Just don't install them for pkg base so those who still want them can install. I get annoyed with this and this needs to be removed because of security. Sure let's be like Linux and just rewrite everything and stop the concept of finished software.
Click to expand...
They at least keep it small this way. A FreeBSD amd64 world install is about 450MB
Assuming it's not the HP agenda of owning 100% corporate control of printers. Cups obsoleting support for old printers was already suspicious. Same problem, basically: there is no technical advantage. It's only dropping support for reasons. Best excuse I heard is lack of developer capacity, but we don't have to delete working things for that.
 
telnetd had a big security hole discovered just recently. At least the one on Linux, dunno how many variants are out there.

If you had a telnetd running as a backup to sshd you would have screwed yourself.
 
cracauer@ said:
telnetd had a big security hole discovered just recently. At least the one on Linux, dunno how many variants are out there.

If you had a telnetd running as a backup to sshd you would have screwed yourself.
Click to expand...
telnetd was always something that should never be exposed outside of a private and secure network. A bit like NFSv3 or.... lpd ;)

And lets be honest, Linux probably badly integrated systemd into it and fscked it up.

My bigger concern is when mount_smbfs(8) being dropped (like it was in NetBSD). The rationale was that v1 was no longer supported by Windows... Who gives a damn what Windows supports? We are running a completely different OS with our own SMB server. Worse was that NetBSD had no alternative and had to fall back on a very unmaintained and slow FUSE driver.

In most cases, the argument of "well maintain it yourself" is a little redundant when all it would be is reverting the removal commit :beer:
 
You must log in or register to reply here.
Back
Top