From owner-freebsd-security Sun Nov 17 21:36:41 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id VAA12291 for security-outgoing; Sun, 17 Nov 1996 21:36:41 -0800 (PST) Received: from rover.village.org (rover.village.org [204.144.255.49]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id VAA12197 for ; Sun, 17 Nov 1996 21:36:07 -0800 (PST) Received: from rover.village.org [127.0.0.1] by rover.village.org with esmtp (Exim 0.56 #1) id E0vPMN0-0003py-00; Sun, 17 Nov 1996 22:35:46 -0700 To: Marc Slemko Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Cc: Mark Newton , freebsd-security@freebsd.org In-reply-to: Your message of "Sun, 17 Nov 1996 22:30:19 MST." References: Date: Sun, 17 Nov 1996 22:35:46 -0700 From: Warner Losh Message-Id: Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In message Marc Slemko writes: : While agree with what Warner says below, I think Warner would agree : that there is no reason that there should not be a fast easy : no-brains method of switching to a more secure system, with the : accompanying limitations, if so desired. Agreed. cd /usr/ports/mail/XXXX ; make ; make install should, in an ideal world, be all that is needed. Or something that is that simple to do. : - updating your system with recent patches for things like the : bazillion holes that have been found in the past, are being : found now, and will be found long into the future. :-) Look at the lpr/lpd checkins I've made :-). In fact, if others want, the OpenBSD CVS tree is a weath of patches for those that have the time to wade throught it. : - shooting intruders on sight. Naw. Boiling them in hot oils is much more fun :-). Warner