Dan Weber wrote:
BTW, If you submit dbmail2 packages to debian, make sure they hit
experimental, not sid. We can't afford to inherit anymore RC bugs.
I will not ever submit dbmail2 packages in parallel with dbmail-1.2.
Also they will go into sid, not experimental when I can provide a
graceful and fairly fullproof upgrade procedure. I don't expect dbmail-2
to be ready for upload before the sarge release. Unless sarge is
postponed for ever, of course.
For the existing dbmail 1.2.x packages, the security team will have
your head if you don't have it drop privleges since nothing really
makes use of it.
Boy, you are stubborn. read-my-lips: Dbmail at present already drops
privileges. The fact that there remains a single root-process is no
problem since this process does not process requests. This is best practice.
I'll submit some patches so you can use it with
xinetd which ought to make it a bit more secure. Essentially xinetd
is just mimicing the dynamic prefork stuff.
If you could provide a patch that will enable all daemons to talk to
stdin/stdout instead of network sockets, that would be a boon.
--
________________________________________________________________
Paul Stevens mailto:[EMAIL PROTECTED]
NET FACILITIES GROUP PGP: finger [EMAIL PROTECTED]
The Netherlands________________________________http://www.nfg.nl
