Sam [mailto:[EMAIL PROTECTED]] wrote:
> I presume then you leave your telnet port open on your servers because,
> after all, it is secure.
I presume you never make a mistake programming.
You can't have it both ways. If you place the following disclaimer on your
SqWebMail site, please don't get ticked off when people don't want to use your
code because it is set-uid root.
"This is alpha code. It may crash. Your hard drive
may catch fire as a result of using this CGI client.
It may not work at all. It may work, but have a
security hole or exploit, somewhere."
...or you don't stand behind that disclaimer and have no problem being
personally liable for any security exploits your software might have?
- David Harris
Principal Engineer, DRH Internet Services
