Subject: Re: Proposal for new utility in base: bin/nc
To: Alistair Crooks <firstname.lastname@example.org>
From: Mike Pelley <email@example.com>
Date: 10/17/2001 13:23:56
Alistair Crooks wrote:
>>Clearly it is not required nor advised to compile netcat with the
>>-DGAPING_SECURITY_HOLE define, so I do not understand why you are
>>concerned. Apache offers a similar define to run as root but since
>>pkgsrc does not enable it there is no problem. Additional functionality
>>available for special circumstances that is disabled by default during
>>compile time (and clearly labelled as dangerous) should not be
>>considered a security flaw.
> Some people want the functionality, others don't. Some people think it's
> a gaping security hole, others don't.
Whether or not it is a gaping security whole is irrelevant if it is not
compiled in, which is the default. More to the point, the proposed
source did not include this define anyway.