SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
SeaMonkey 2.53.16 contains (among other changes) the following major changes relative to SeaMonkey 2.53.15:
No throbber in plaintext editor bug 85498.
Remove unused gridlines class from EdAdvancedEdit bug 1806632.
Remove ESR 91 links from debugQA bug 1804534.
Rename devtools/shim to devtools/startup bug 1812367.
Remove unused seltype=text|cell css bug 1806653.
Implement new shared tree styling bug 1807802.
Use `win.focus()` in macWindowMenu.js bug 1807817.
Remove WCAP provider bug 1579020.
Remove ftp/file tree view support bug 1239239.
Change calendar list tree to a list bug 1561530.
Various other updates to the calendar code.
Continue the switch from Python 2 to Python 3 in the build system.
Verified compatibility with Rust 1.66.1.
BUT, they are right - this FTP protocol is extremely insecure, just like is TELNET. It's specially prone to Man In Middle attacks.
Maybe this is less important important for you - depending on your place to live, BUT many people from other places may will want to ensure that the files downloaded from ftp.slackware.com are really from there, and not from a clone server from the other side of Earth, maintained by some Men in Black.
Last edited by LuckyCyborg; 05-09-2023 at 03:52 AM.
BUT, they are right - this FTP protocol is extremely insecure, just like is TELNET. It's specially prone to Man In Middle attacks.
Maybe this is less important important for you - depending on your place to live, BUT many people from other places may will want to ensure that the files downloaded from ftp.slackware.com are really from there, and not from a clone server from the other side of Earth, maintained by some Men in Black.
1) Some states forbid the use of protocols resistant to Man In Middle attack in many applications.
2) Most if not all secure protocols are cache-unfriendly.
3) Why don't verify signatures if you have a trusted local machine?
Quote:
By rworkman on 2017-06-16
The mirrors.slackware.com site is now available via https only. Note that there is *not* any guarantee that you will be redirected to an https mirror. However, the package md5 sums and gpg signatures are (intended to be) served directly from this site, so you should have an added layer of trust that the content of those files was not modified in transit if you use https instead.
... BUT many people from other places may will want to ensure that the files downloaded from ftp.slackware.com are really from there, and not from a clone server from the other side of Earth, maintained by some Men in Black.
That's what signature files are for. MITM of a https connection will be no problem for a State level actor.
That said, ftp is a bad protocol for a number of reasons and its good that it's going away. I was more upset with the loss of gopher to be honest as that one is still useful.
This release adds a month's worth of new translations and fixes from KDE's contributors.
The bugfixes are typically small but important and include:
Code:
- Bluedevil Applet: introduce a brief animation for section height estimates.
- Discover Flatpak: Do not crash if for any reason we lack a ref's source.
- Info Centre About-distro: add a dump mode to print to cli.
SeaMonkey 2.53.16 contains (among other changes) the following major changes relative to SeaMonkey 2.53.15:
...
Remove ftp/file tree view support bug 1239239.
...
Yes, quite strange that FTP removal is in the SM 2.53.16 changelog but actually was not removed.
Firefox on the other hand _did_ completely remove FTP capability almost 2yrs ago.
...suggests to me that it is a particular view of ftp sites ("tree view") that has been removed, not ftp client capabilities entirely.
I am running SeaMonkey 2.53.16 on 15.0, and I can for sure log onto my own ftp server. I cannot expand directories, though - clicking on a directory just loads that directory, replacing the previous view/page. At a guess "tree view" would allow you to expand that directory within the same view.
...suggests to me that it is a particular view of ftp sites ("tree view") that has been removed, not ftp client capabilities entirely.
I am running SeaMonkey 2.53.16 on 15.0, and I can for sure log onto my own ftp server. I cannot expand directories, though - clicking on a directory just loads that directory, replacing the previous view/page. At a guess "tree view" would allow you to expand that directory within the same view.
>> Please change "network.dir.format" to 3 and then browse any ftp/local
> directories.
> I confirmed it with SeaMonkey 2.39 release.
Oh, beeyootiful!
With that value, the directory is displayed in tree format,
like the Bookmarks Manager, also in 2.43a1 trunk.
That 'network.dir.format' config setting has been removed from SM v2.53.16
Could we please get a 'custom build' of firefox with FTP re-enabled ?
Probably not, because this FTP support was removed 2 years ago from Firefox.
And you know, the Slackware ships the software as intended by its developers - also that's why in Slackware is a web-browser named Firefox and not it's named Iceweasel or Bob's Pipe.
Last edited by LuckyCyborg; 05-09-2023 at 12:00 PM.
Probably not, because this FTP support was removed 2 years ago from Firefox.
And you know, the Slackware ships the software as intended by its developers - also that's why in Slackware is a web-browser named Firefox and not it's named Iceweasel or Bob's Pipe.
That said, ftp is a bad protocol for a number of reasons and its good that it's going away. I was more upset with the loss of gopher to be honest as that one is still useful.
I agree that ftp is unsafe for account login as everything is sent in clear text. However, what is the problem with anonymous ftp? As you and others have said, gpg is used to verify that the files are really from Slackware and that they have not been modified. That kind of check should be done even if downloaded with something else like https. In my experience ftp is usually one of the faster protocols and ftp is basically only used for anonymous ftp downloads.
Well, I was just guessing. Internet Exploder used to have an option to "enable folder view for ftp" or something like that, and it was not on by default. Google can't find me any web pages that tell me what "tree view" was supposed to do for SeaMonkey - maybe hooks for some add-ins? We'll probably never know...
I agree that ftp is unsafe for account login as everything is sent in clear text. However, what is the problem with anonymous ftp? As you and others have said, gpg is used to verify that the files are really from Slackware and that they have not been modified. That kind of check should be done even if downloaded with something else like https. In my experience ftp is usually one of the faster protocols and ftp is basically only used for anonymous ftp downloads.
regards Henrik
I'll make this my last post because this is "Requests for Current" and we're going a little tangential.
As long as you have no privacy concerns with someone seeing what you're downloading, then anonymous ftp is fine, although I will argue that for that specific purpose it's an overcomplicated protocol and something gopher was better suited to. What ftp had going for it over gopher was that it is bi-directional: also allowing you to upload.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
