> > > > I really want to delete telnet entirely, > > > > > > I often use it for testing unencrypted SMTP and HTTP across the > > > Internet. Which tool would you recommend for that purpose? > > > > nc(1). > > I use telnet fairly often for connecting to things like crappy switches, > crappy routers, APs of varying crappiness, etc. nc -t isn't close to being > good enough for this, also with nc it's difficult to send things like ^C > (even worse, if you use it much you forget about this and end up killing > your connection). I wouldn't mind having it removed from base, but would > need to go in ports unless nc gets a lot of polishing.
This conversation is going far too meta. I am not deleting telnet. That is why I am going through the effort of shrinking it, and then pledging it. pledge is even more relevant when dealing with bowls of unmaintained spaghetti. > > > You might wish to cross-check these three points though: > > > > > > * Does "inet" actually allow the following setsockopt() > > > arguments: SO_DEBUG, SO_RTABLE, IP_TOS, IPV6_TCLASS? > > > I know nothing about socket options. > > > > I think all of those should be deleted, except perhaps SO_RTABLE, > > which should be done line in nc(1). > > TOS/TCLASS are somewhat important, nc and ssh in client mode also > use them. IP_TOS is permitted by "inet". IPV6_TCLASS was missed but > should be added, it's the IPv6 equivalent to IP_TOS. > > Index: kern_pledge.c > =================================================================== > RCS file: /cvs/src/sys/kern/kern_pledge.c,v > retrieving revision 1.106 > diff -u -p -r1.106 kern_pledge.c > --- kern_pledge.c 10 Nov 2015 04:30:59 -0000 1.106 > +++ kern_pledge.c 13 Nov 2015 17:11:20 -0000 > @@ -1275,6 +1275,7 @@ pledge_sockopt(struct proc *p, int set, > break; > case IPPROTO_IPV6: > switch (optname) { > + case IPV6_TCLASS: > case IPV6_UNICAST_HOPS: > case IPV6_RECVHOPLIMIT: > case IPV6_PORTRANGE: Yes, I decided they should stay. Commited the same diff 1 minute ago already.