On Sat, Apr 19, 2003 at 02:44:44AM -0500, David Phillips wrote: > Yeah, I was just making up all of these security holes: > > http://cr.yp.to/maildisasters/sendmail.html > You realize that most of these are not security related, and only a few are remove root exploits. Considering it's from 1993 and forward.. > Not to mention all the ones found since then, including the two found this > year (and it's not even May!). > > qmail is secure. If it's not, prove it and claim your $500. So, the previous exploits for qmail were all fixed, and now it's 100% guaranteed secured. Mmmkay. > Which more > closely follows the UNIX tradition? A single, monolithic daemon that does > everything as root; or separate programs, each running with the credentials > they need, that do a single, well defined task? I'm sorry, I think you're confused. sendmail certainly doesn't run everything as root, and it's not a single monolithic daemon doing everything. Once again perhaps you need someone else to hold your hand to install it properly. Sounds like more FUD. There's no problem with saying 'I prefer xyz because qrs is too complicated for me', but your only real point is that sendmail has had more *bugs* than qmail. I would expect this for a daemon that has been around for a hell of a lot longer than qmail, and is used by a lot more people. > > -- > David Phillips <david at acz.org> > http://david.acz.org/ -- Matthew S. Hallacy FUBAR, LART, BOFH Certified http://www.poptix.net GPG public key 0x01938203 _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list