On Sun, 23 Jan 2000, Russell Nelson wrote:

>  > 5. Recommendation
>  > 
>  > Impose the 40 character limitation specified by RFC1939 into qmail.
>  > Apply qmail-popup patch http://www.ktwo.ca/c/qmail-popup-patch
> 
> I don't recommend applying that patch.  Every line of it is wrong.  It
> makes qmail-popup less secure, by inserting a call to syslog(), which

Curious, what's so insecure about syslog()?

> is a security disaster. It also sucks in the string library, which
> includes the well-known security hole sprintf().

Does that sprintf() introduce an overflow or is it something else?

> 
> -- 
> -russ nelson <[EMAIL PROTECTED]>  http://russnelson.com
> Crynwr sells support for free software  | PGPok | "Ask not what your country
> 521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
> Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   | do for you..."  -Perry M.
> 

--
/* Derek Callaway <[EMAIL PROTECTED]> char *sites[]={"http://www.geekwise.com", 
   Programmer; CE Net, Inc. "http://www.freezersearch.com/index.cfm?aff=dhc",
   (302) 854-5440 Ext. 206  "http://www.homeworkhelp.org",0};  S@IRC  */
