[OpenAFS-devel] out of date code/apps/etc...
Jeffrey Hutzelman
jhutz@cmu.edu
Sat, 2 Dec 2000 18:40:52 -0500 (EST)
On Sat, 2 Dec 2000, Nathan Neulinger wrote:
> I was thinking it might be good to remove:
> inetd
> ftpd43
> ntp
>
> from the cvs repository (or delete from current revision rather),
> and add:
>
> xinetd (patch it to do pagsetting/etc.)
> ntp4
> wuftpd+afs (if not already patched)
>
> as separate modules in the cvs repository.
>
> That way, they don't even get built. It would though mean that parts of
> the repository would be under a difference license.
Personally, I'd rather see the insecure token-passing inetd, ftpd, and
rcmds disappear from OpenAFS altogether. A better approach would be to
distribute patches to ssh to support token passing and/or getting AFS
tokens when the user types a password or forwards Kerberos credentials.
I also don't think we should be including any NTP implementation. The one
currently in AFS does not include any AFS-specific features; stock ntp4
will work just fine. Including a copy of ntp4 in openafs would only serve
to insure that we distribute something that is always out-of-date with
respect to the official distribution.
Unfortunately, I've heard mumblings that certain of the elders are opposed
to the idea of removing any of these things from OpenAFS -- they'd rather
keep them in the name of "backward compatibility". This seems silly, and
I hope that eventually the elders can come to a concensus in favor of
removing this obsolete and insecure code.
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA