Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Nov 1998 11:53:35 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Marc Slemko <marcs@znep.com>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Would this make FreeBSD more secure? 
Message-ID:  <199811161953.LAA21773@apollo.backplane.com>
References:   <Pine.BSF.4.05.9811161121510.12077-100000@alive.znep.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


:>     move sendmail out of root?
:
:No, there are some other reasons as well.  Please read the archives.  
:This stuff has been gone through over and over, and the reasons why
:various things are as they are have been gone over and over.  Lots of
:people have said "oh, that is silly, I don't need that". No one has done
:anything.

    Well, I'm doing something now, eh?  It sounds to me that people have
    discussed this to death quibbling over minor issues for many of these
    programs.  Obviously nobody has taken the issue seriously since ntalkd and
    identd are still root-run and it took me less then a minute to fix
    them.  Even lpd could probably be fixed almost trivially without having 
    to mess with adding kernel features, and lpd alone has had at least three
    known root exploits in the last 10 years.  I don't understand why after
    all that time it is STILL being run as root.

:[...]
:>     There shouldn't even be a discussion here.  It should simply be fixed.
:
:I would be VERY upset if you just magically "fixed" the default sendmail
:setup on FreeBSD, without any discussion, so that all my mail suddenly
:started bouncing because sendmail couldn't run procmail to filter my mail.

    I was talking about lpd here, not sendmail.  Sendmail has its own
    unique set of problems that probably only Eric Allman can fix.

						-Matt

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
                    Communications & God knows what else.
    <dillon@backplane.com> (Please include original email in any response)    


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811161953.LAA21773>