On Thu, 10 Mar 2022 12:26:54 +0100
Vitaly Zaitsev via devel <devel@lists.fedoraproject.org> wrote:

> On 10/03/2022 11:55, Alex wrote:
> > May I suggest to leave at least the telnet protocol in curl-minimal
> > for debugging purposes.  
> 
> Telnet is an extremely vulnerable protocol. It must be disable.
> 
> If you need it, you can always install libcurl-full.

I wonder, do you have the "telnet" program installed on your machine(s)?

I'd be surprised if anyone using curl's telnet *client* support wasn't
aware that it was sending plain text over the network, possibly
including any credentials that were being used. A telnet client is,
however, a very useful debugging tool for various other network
protocols, not just the telnet protocol itself. That is, I believe,
what Alex was advocating for, since the curl tool's presence is
well-nigh universal and hence always available for debugging some
network issues.

Paul.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to