Dave Sill <[EMAIL PROTECTED]> writes on 20 August 1999 at 15:51:59 -0400
> James Smallacombe <[EMAIL PROTECTED]> wrote:
> >
> >For sure. In the past 3+ years I've been running qmail, Sendmail's gotten
> >a whole lot better, both from a security standpoint, and an ease of
> >configuration standpoint.
>
> 1) Lack of reported vulnerabilities <> more secure.
True. But a significant drop in the rate at which vulnerabilities are
reported, in a very-widely-used package which has traditionally had a
lot of vulnerabilities, is a good sign. I don't see the number of
sendmail installations having dropped enough, or the focus of the
people hacking changed enough, for the change in exploits to reflect
much other than the improvement in sendmail security.
Do I think sendmail is as secure as qmail today? No, I do not. Do I
think the latest sendmail is more secure than sendmail 3 years ago? I
sure do!
--
David Dyer-Bennet ***NOTE ADDRESS CHANGES*** [EMAIL PROTECTED]
http://dd-b.lighthunters.net/ (photos) Minicon: http://www.mnstf.org/minicon
http://www.dd-b.net/dd-b (sf) http://ouroboros.demesne.com/ Ouroboros Bookworms
Join the 20th century before it's too late!
