Hi Craig, Craig Skinner wrote on Wed, Mar 23, 2016 at 10:07:10AM +0000: > On 2016-03-22 Tue 22:49 PM |, Bob Beck wrote:
>> A few years back, Ingo moved it to the new mandoc based man.cgi, and >> now we've actually moved this to a dedicated place - "man.openbsd.org" > Superb. > > What's next? > > $ ssh [email protected] > > Welcome guest user to OpenBSD's online manual library. > > The only command available is 'man'. > > (For help; type 'man man[ENTER]'.) > > $ Sounds like a bad idea to me. The man(1) utility spawns less(1), and less can spawn editors and shells. So that is hard to secure. Even if it could be secured, i don't like the idea of handing out SSH access to an OpenBSD web server to the general public. A web server is always a fragile beast, and attack surface ought to be minimized. Even if it could the secured and even if there weren't concerns about expanding attack surface, it doesn't look like it could be worth the effort. I don't think there are many people out there expecting to find public information on the Internet on anonymous SSH servers rather than on WWW servers, so it's not likely the service would see much real-world use. And even if there were a few people who would use it, i don't quite see how it would be better for them than what we already have. I mean, http://man.openbsd.org/ works with text browsers on text-only terminals. Yours, Ingo
