From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 20552 invoked from network); 28 Dec 2003 03:19:06 +0000 Received: from smtp.gentoo.org (128.193.0.39) by eagle.gentoo.oregonstate.edu with DES-CBC3-SHA encrypted SMTP; 28 Dec 2003 03:19:06 +0000 Received: from lists.gentoo.org ([128.193.0.34] helo=eagle.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.24) id 1AaRSM-0004vO-7z for arch-gentoo-dev@lists.gentoo.org; Sun, 28 Dec 2003 03:19:06 +0000 Received: (qmail 2472 invoked by uid 50004); 28 Dec 2003 02:44:08 +0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 2679 invoked from network); 28 Dec 2003 02:44:07 +0000 From: "Allen Parker" To: Date: Sat, 27 Dec 2003 21:44:06 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcPM1cHqzQU2wqYxTLCxTAWqjsCxBQAAaimAAAU/lwA= Message-Id: Subject: FW: [gentoo-dev] suggestion: virtual/telnet X-Archives-Salt: cc6fdd57-93a1-4ddb-8260-a570bf2a40bd X-Archives-Hash: 23adc9ae80369e2d30637ef7ea8a8492 Sorry, the first time I sent it, I hit the wrong reply button. > -----Original Message----- > From: Allen Parker [mailto:allenp@efn.org] > Sent: Saturday, December 27, 2003 7:32 PM > To: 'Ciaran McCreesh' > Subject: RE: [gentoo-dev] suggestion: virtual/telnet > > I must pipe up on this one. When a user asks for "telnet" they're usually > not aware of the security risks involved. (kinda makes me wonder why it's > installed by default on Debian :-\) Probably the best way to handle this > is to create a virtual/telnet and add a default package that when > uninstalled displays a basic readme saying telnet isn't secure and why, > asks the user if they still want to do it, and THEN after they've > confirmed that they do in fact want telnet, allow them to emerge whichever > telnet they choose. > > So, to re-state because I'm not even sure what I said up there: > Create package block-telnet that does as it's name implies, blocks the > virtual/telnet package so that no other telnetd/telnet client may be > emerged without removing it first. > Setup block-telnet to install something like /usr/share/doc/telnet-readme > (the contents of the same thing you read when you remove block-telnet) and > upon unmerge fire off a simple shell script that less's the same file > (hidden) that is telnet-readme with a yes/no choice saying are you sure > you wish to remove me? > Add block-telnet -> virtual/telnet as a virtual/telnet blocker by default > for all arch/stage/devel profiles under system instead of world and make > it a default package (like nano) for Gentoo 2004. > > It honestly seems to me that this would probably take any dev minutes to > set the virtual up this way and it would also allow very fast, short > answers in regards to getting questions on telnet: > > Eg: > User: how do I install telnet? > Dev: emerge unmerge block-telnet ... and read what it says. > User: thanks for your help! > > That's my 2/100ths of a monetary unit. > Allen Parker > > > -----Original Message----- > > From: Ciaran McCreesh [mailto:ciaranm@gentoo.org] > > Sent: Saturday, December 27, 2003 6:06 PM > > To: gentoo-dev@lists.gentoo.org > > Subject: Re: [gentoo-dev] suggestion: virtual/telnet > > > > On Sat, 27 Dec 2003 23:03:23 +0100 Spider wrote: > > | Well, > > | this is something that a lot of users ask about (how do I get > > | telnet?) > > > > Wouldn't it be better to educate the users to get rid of that 'type in > > emerge telnet to install telnet' mentality? > > > > -- > > Ciaran McCreesh > > Mail: ciaranm at gentoo.org > > Web: http://dev.gentoo.org/~ciaranm -- gentoo-dev@gentoo.org mailing list