> A root compromise of the system isn't the only thing one has to worry
> about. I'd be pretty pissed if someone inserted something into my skel
> that resulted in all of my email being duplicated and sent to someone
> else. Using cp when you could just copy the files in C in a secure
> manner is just silly. Its also less efficient, as an added bonus.
> Exploitable just isn't safe enough. I've disagreed with Tom about the
> level of paranoia required (see the password/salt generation thread),
> but in this case he's absolutely right about requiring more than the
> current patch supplies.
Who will be our saviour and take on the task to make the patch secure and
worthy to be a part of vpopmail future releases
( P.S. sorry Nick if you've recived the message twice
I pressed the wrong reply button at first )