Request: drop kxmlrpc daemon for 3.2

[Daniel Molkentin]

Hi!

After talking about the usefulness of the kxmlrpc daemon (localted in the 
kdenetwork module) on IRC, we we figured:

1. It's useless (requires the dcop cookie which "outsiders" cannot know about 
and there is no alternative "real" authentication, which makes the whole 
thing pointless for reallife purposes).
2. It's unmaintained, Kurt does no longer bear with the project and nobody 
else cared so far.
3. It's a potential security thread to those who activate it (It is disabled 
by default for very good reasons) and I don't think we should ship services 
that are a potential security threat.
4. It is poorly implemented and has close to no fault tolerancy and likes 
crashing at quite some "corner cases" (as reported by Tim Jansen who had a 
closer look at it). I guess that's all the result of the fact that nobody 
uses it, see 1. and recurse ;)

So if nobody has very good arguments against this proposal and if the release 
dude agrees, I'd ask an CVS admin to move kxmlrpcd to kdeblackhole.

Cheers,
  Daniel


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: signature
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20031020/a304844f/attachment.sig>