Subject: Re: Proposal for new utility in base: bin/nc
To: Alistair Crooks <>
From: Mike Pelley <>
List: tech-userlevel
Date: 10/17/2001 13:23:56
Alistair Crooks wrote:

>>Clearly it is not required nor advised to compile netcat with the 
>>-DGAPING_SECURITY_HOLE define, so I do not understand why you are 
>>concerned.  Apache offers a similar define to run as root but since 
>>pkgsrc does not enable it there is no problem.  Additional functionality 
>>available for special circumstances that is disabled by default during 
>>compile time (and clearly labelled as dangerous) should not be 
>>considered a security flaw.
> Some people want the functionality, others don't. Some people think it's
> a gaping security hole, others don't.

Whether or not it is a gaping security whole is irrelevant if it is not 
compiled in, which is the default.  More to the point, the proposed 
source did not include this define anyway.