[OpenAFS-devel] out of date code/apps/etc...

Jeffrey Hutzelman jhutz@cmu.edu
Sat, 2 Dec 2000 18:40:52 -0500 (EST)

On Sat, 2 Dec 2000, Nathan Neulinger wrote:

> I was thinking it might be good to remove:
> 	inetd
> 	ftpd43
> 	ntp
> from the cvs repository (or delete from current revision rather),
> and add:
> 	xinetd (patch it to do pagsetting/etc.)
> 	ntp4
> 	wuftpd+afs (if not already patched)
> as separate modules in the cvs repository. 
> That way, they don't even get built. It would though mean that parts of
> the repository would be under a difference license.

Personally, I'd rather see the insecure token-passing inetd, ftpd, and
rcmds disappear from OpenAFS altogether.  A better approach would be to
distribute patches to ssh to support token passing and/or getting AFS
tokens when the user types a password or forwards Kerberos credentials.

I also don't think we should be including any NTP implementation.  The one
currently in AFS does not include any AFS-specific features; stock ntp4
will work just fine.  Including a copy of ntp4 in openafs would only serve
to insure that we distribute something that is always out-of-date with
respect to the official distribution.

Unfortunately, I've heard mumblings that certain of the elders are opposed
to the idea of removing any of these things from OpenAFS -- they'd rather
keep them in the name of "backward compatibility".  This seems silly, and
I hope that eventually the elders can come to a concensus in favor of
removing this obsolete and insecure code.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA