Subject: Re: Proposal for new utility in base: bin/nc
To: Eric Gillespie, Jr. <email@example.com>
From: Alistair Crooks <firstname.lastname@example.org>
Date: 10/12/2001 15:13:46
On Fri, Oct 12, 2001 at 07:46:58AM -0500, Eric Gillespie, Jr. wrote:
> Hubert Feyrer <email@example.com> writes:
> > included. It's already in pkgsrc/net/netcat btw.
> Which, aside from being unmaintainable and not IPv6-ready,
> doesn't help me since it's not in base. Like i said, the first
> thing i do upon unpacking the base tarball on a new system is get
> an nc binary onto the system for grabbing everything else.
> Dealing with floppies is painful.
> Eric Gillespie, Jr. <*> firstname.lastname@example.org
> "This movie sure is gory!"
> "Yeah, but that's one cute pig."
You didn't mention the licence on the software, so I made the package
and had a look - there doesn't seem to be a licence on it at all.
I also read the documentation that came with it:
"If netcat is compiled with -DGAPING_SECURITY_HOLE, the -e argument specifies
a program to exec after making or receiving a successful connection. In the
listening mode, this works similarly to "inetd" but only for a single instance.
Use with GREAT CARE. This piece of the code is normally not enabled; if you
know what you're doing, have fun. This hack also works in UDP mode. Note that
you can only supply -e with the name of the program, but no arguments. If you
want to launch something with an argument list, write a two-line wrapper script
or just use inetd like always."
Now, personally, I don't like introducing "gaping security holes"
into the base system. Call me old-fashioned, but I personally don't
want my name in lights on any number of Bugtraq advisories.
I'm still a bit mystified as to why you can't just carry around a
binary package, and install that as the first thing you do after
installing basesrc. Like I said, though, I'm getting old, and don't
understand why we should add more software to the base system, when
it's not obvious what we would gain by it. I've installed software
on a number of fresh systems (not all i386) just recently, and have
found that scp, ftp, and a binary rio package were all that I