On Thu, Mar 10, 2022 at 6:41 AM Paul Howarth <paul@xxxxxxxxxxxx> wrote: > > On Thu, 10 Mar 2022 12:26:54 +0100 > Vitaly Zaitsev via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > > On 10/03/2022 11:55, Alex wrote: > > > May I suggest to leave at least the telnet protocol in curl-minimal > > > for debugging purposes. > > > > Telnet is an extremely vulnerable protocol. It must be disable. > > > > If you need it, you can always install libcurl-full. > > I wonder, do you have the "telnet" program installed on your machine(s)? "netcat" or "nc" is a much better, more scriptable tool than telnet. There is no reason for the telnet binary. And the telnet daemon, itself, is profoundly deprecated. > I'd be surprised if anyone using curl's telnet *client* support wasn't > aware that it was sending plain text over the network, possibly > including any credentials that were being used. A telnet client is, > however, a very useful debugging tool for various other network > protocols, not just the telnet protocol itself. That is, I believe, > what Alex was advocating for, since the curl tool's presence is > well-nigh universal and hence always available for debugging some > network issues. curl rather than netcat is simply not being aware of a better tool. Enjoy. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
