Re: why qmail is more secure, was: Mailing list performance

2000-08-02 Thread Dave Sill

Ronny Haryanto [EMAIL PROTECTED] wrote:

On 02-Aug-2000, Dave Sill wrote:
 I don't think it's quite as secure as qmail

Would you care to shed some light on why you don't think so?

Two reasons:

1) Postfix only uses a single uid. qmail uses six.

2) Wietse's code is buggier than Dan's. Check the historical record.
(To be fair, *everyone's* code is buggier than Dan's. :-)

Postfix *can* be configured to run chrooted, which is a plus for
it. But that doesn't outweigh the above.

-Dave



Re: why qmail is more secure, was: Mailing list performance

2000-08-02 Thread Ronny Haryanto

On 02-Aug-2000, Dave Sill wrote:
 1) Postfix only uses a single uid. qmail uses six.

Why is using more than one uid better? What sort of security problem
would using one uid potentially pose?

 2) Wietse's code is buggier than Dan's. Check the historical record.
 (To be fair, *everyone's* code is buggier than Dan's. :-)

Well, IMHO, nobody's perfect, period :). Although I'm sure Dan and
Wietse are two of the very best in the field.

 Postfix *can* be configured to run chrooted, which is a plus for
 it. But that doesn't outweigh the above.

Thanks for the insight.

Ronny



Re: why qmail is more secure, was: Mailing list performance

2000-08-02 Thread Michael T. Babcock

The multiple UIDs provide a few failsafes, if nothing else, whereby one
broken / buggy / replaced binary can't do damage to files it doesn't own.
DJB has comments about this in the readmes, if I'm not mistaken.

- Original Message -
From: "Ronny Haryanto" [EMAIL PROTECTED]


 On 02-Aug-2000, Dave Sill wrote:
  1) Postfix only uses a single uid. qmail uses six.

 Why is using more than one uid better? What sort of security problem
 would using one uid potentially pose?




Re: why qmail is more secure, was: Mailing list performance

2000-08-02 Thread David Dyer-Bennet

Ronny Haryanto [EMAIL PROTECTED] writes on 2 August 2000 at 09:35:52 -0500
  On 02-Aug-2000, Dave Sill wrote:
   I don't think it's quite as secure as qmail
  
  Would you care to shed some light on why you don't think so? Not to
  ignite flames but for informational purposes. I use both qmail and
  postfix and it is very interesting to understand not just the
  strengths, but also the weaknesses of both.

The Postfix code is significantly larger, so if the bug rate per line
is the same, there are more bugs present.  

It's less partitioned than qmail -- qmail partitions its functions
among the 7 UIDs so that the extent of damage possible of one program
is insecure is quite limited.

However, as a recently-written piece of software, designed with
security in mind, and written by somebody who is good at security,
postfix should be quite safe, as such things go.
-- 
Photos: http://dd-b.lighthunters.net/ Minicon: http://www.mnstf.org/minicon
Bookworms: http://ouroboros.demesne.com/ SF: http://www.dd-b.net/dd-b 
David Dyer-Bennet / Welcome to the future! / [EMAIL PROTECTED]