Am 18.04.2012 21:20, schrieb Eric Bélanger:
Hi,
Currently, the inetutils packages provide the old unsecure r* family of tools. There is currently a bug report [1] asking for the removal of rexec as it it particularly unsecure. As these things are old and I suppose everyone has moved to more secure apps like ssh/sftp, I'm thinking about removing all these r* tools.
Just because they're insecure doesn't mean we shouldn't provide them. There are probably enough people that use this, and it is their choice.
Also, there is another bug report [2] about removing /bin/domainname. This wrapper script is currently broken and users using NIS probably already have yp-tools installed, which provides its own /usr/bin/domainname. This will also fix a future conflict whenever we'll get rid of /bin.
+1
/usr/bin/telnet /usr/sbin/telnetd
Any objections, comments?
By the above argument, we should also remove telnetd.