At 2007-08-28T12:39:43+1200, Steve Holdoway wrote:
> Not for sendmail, that's for sure.
No, definitely for sendmail. I forgot to trim the PHP bit. PHP has had
some problems, but mostly it gets a bad rap due to the popular but terrible
(wrt security) applications built with it.
sendmail has a long, long history of poor security. It's supposed to be
better now (as of, 2004ish?), but I certainly still don't trust it a great
deal. For instance, remote root vulnerabilities[0] still show up far too
frequently for me to feel comfortable with it.
[0] CVE-2006-0058, affecting all Unix-like platforms.
Cheers,
-mjg
--
Matthew Gregan |/
/| [EMAIL PROTECTED]
