Request: drop kxmlrpc daemon for 3.2
Tobias Koenig
tokoe at kde.org
Mon Oct 20 09:09:45 BST 2003
On Mon, Oct 20, 2003 at 12:38:12AM +0200, Daniel Molkentin wrote:
> Hi!
Hi Danimo,
> After talking about the usefulness of the kxmlrpc daemon (localted in the
> kdenetwork module) on IRC, we we figured:
>
> 1. It's useless (requires the dcop cookie which "outsiders" cannot know about
> and there is no alternative "real" authentication, which makes the whole
> thing pointless for reallife purposes).
> 2. It's unmaintained, Kurt does no longer bear with the project and nobody
> else cared so far.
> 3. It's a potential security thread to those who activate it (It is disabled
> by default for very good reasons) and I don't think we should ship services
> that are a potential security threat.
> 4. It is poorly implemented and has close to no fault tolerancy and likes
> crashing at quite some "corner cases" (as reported by Tim Jansen who had a
> closer look at it). I guess that's all the result of the fact that nobody
> uses it, see 1. and recurse ;)
Removing the daemon is fine with me, but we should move the parsing code
to a library and add a XMLRPC creation code + network connection
handling, so that a KDE app can easily talk to XMLRPC servers.
Ciao,
Tobias
--
Can a government that shoots at reporters be democratic?
Separate politics from religion and economy!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20031020/69f80ed2/attachment.sig>
More information about the kde-core-devel
mailing list