Re: NCPFS Support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 2005-04-10 at 12:49 +0200, Arjan van de Ven wrote:
> > Well it's listed under Packages Deprecated
> >       * ncpfs — No longer part of Fedora Core profile
> >         
> > I guest my question is, why is it being deprecated?
> 
> the thing you need to realize is that novell added tcp/ip support to
> netware somewhere in the 1990's ;) 
> most of these tools are both hardly maintained and often for the pre-tcp
> era of netware...

Well the kernel module for NCPFS supports IPX, UDP and TCP (in 2.4 and
later kernels) to connect to Netware servers.

Later versions of the NCPFS package don't need IPX support in the kernel
and Novell/SuSE has been helping out by submitting patches.  The latest
version (2.2.6) looks to fix the security issues in the 2.2.4 version
that is shipped with fedora.

> I don't know the exact reason for this one, but in general one should
> realize that network facing tools by their nature are a security risk.
> For things like the apache webserver you accept that because 1) the risk
> is relatively low because of the "many eyes on the omnipresent tool"
> concept and 2) the value it provides is very high. For ncpfs I would
> argue the opposite is sort of true; it's relatively obscure which by
> their nature means both undertested and underreviewed and at the same
> time the value added by the thing is also somewhat less than that of the
> apache web server. Imo this balance should always be a consideration for
> package inclusion in any distribution.

Looking at the change log for the 2.2.6 version it looks like it's
getting attention by Novell/SuSE.  So I guess it's probably getting
better maintained now than it was a couple years ago.

Frankly it would be nice to see support for pam_nds that Dr. Pollet
created after filling some bug reports seems to work well in a few
peoples environments.  The pam_nds portion of NCPFS is probably the
least mature portion of the package so can understand it being left out.

I guess I would like to see ncpfs updated to the current 2.2.6 version
and considered "Part of the Fedora Core Profile" and not Deprecated.

If it has been dropped from RHEL 4 then I guess that would be bad as a
future upgrade path for our systems running RH 7.3 that I have been
using Legacy to update (not a situation I'm totally happy with).

Regards,
Paul Berger


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux