tech-userlevel: Re: Proposal for new utility in base: bin/nc

Subject: Re: Proposal for new utility in base: bin/nc
To: Eric Gillespie, Jr. <epg@pretzelnet.org>
From: Alistair Crooks <agc@pkgsrc.org>
List: tech-userlevel
Date: 10/12/2001 15:13:46

On Fri, Oct 12, 2001 at 07:46:58AM -0500, Eric Gillespie, Jr. wrote:
> Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de> writes:
> 
>     > included.  It's already in pkgsrc/net/netcat btw.
> 
> Which, aside from being unmaintainable and not IPv6-ready,
> doesn't help me since it's not in base.  Like i said, the first
> thing i do upon unpacking the base tarball on a new system is get
> an nc binary onto the system for grabbing everything else.
> Dealing with floppies is painful.
> 
> -- 
> Eric Gillespie, Jr. <*> epg@pretzelnet.org
> 
> "This movie sure is gory!"
> "Yeah, but that's one cute pig."

You didn't mention the licence on the software, so I made the package
and had a look - there doesn't seem to be a licence on it at all.

I also read the documentation that came with it:

"If netcat is compiled with -DGAPING_SECURITY_HOLE, the -e argument specifies
a program to exec after making or receiving a successful connection.  In the
listening mode, this works similarly to "inetd" but only for a single instance.
Use with GREAT CARE.  This piece of the code is normally not enabled; if you
know what you're doing, have fun.  This hack also works in UDP mode.  Note that
you can only supply -e with the name of the program, but no arguments.  If you
want to launch something with an argument list, write a two-line wrapper script
or just use inetd like always."

Now, personally, I don't like introducing "gaping security holes"
into the base system. Call me old-fashioned, but I personally don't
want my name in lights on any number of Bugtraq advisories.

I'm still a bit mystified as to why you can't just carry around a
binary package, and install that as the first thing you do after
installing basesrc. Like I said, though, I'm getting old, and don't
understand why we should add more software to the base system, when
it's not obvious what we would gain by it. I've installed software
on a number of fresh systems (not all i386) just recently, and have
found that scp, ftp, and a binary rio package were all that I
needed.

Regards,
Alistair