On Thu, 10 Mar 2022 12:26:54 +0100 Vitaly Zaitsev via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > On 10/03/2022 11:55, Alex wrote: > > May I suggest to leave at least the telnet protocol in curl-minimal > > for debugging purposes. > > Telnet is an extremely vulnerable protocol. It must be disable. > > If you need it, you can always install libcurl-full. I wonder, do you have the "telnet" program installed on your machine(s)? I'd be surprised if anyone using curl's telnet *client* support wasn't aware that it was sending plain text over the network, possibly including any credentials that were being used. A telnet client is, however, a very useful debugging tool for various other network protocols, not just the telnet protocol itself. That is, I believe, what Alex was advocating for, since the curl tool's presence is well-nigh universal and hence always available for debugging some network issues. Paul. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
