From owner-freebsd-questions@FreeBSD.ORG  Fri Jul 25 09:55:19 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BD5B337B404
	for <freebsd-questions@freebsd.org>;
	Fri, 25 Jul 2003 09:55:19 -0700 (PDT)
Received: from mailhub.yumyumyum.org (dsl092-171-091.wdc1.dsl.speakeasy.net
	[66.92.171.91])	by mx1.FreeBSD.org (Postfix) with ESMTP id EC99543F93
	for <freebsd-questions@freebsd.org>;
	Fri, 25 Jul 2003 09:55:18 -0700 (PDT)
	(envelope-from culverk@yumyumyum.org)
Received: by mailhub.yumyumyum.org (Postfix, from userid 1001)
	id 708E167; Fri, 25 Jul 2003 12:54:22 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
	by mailhub.yumyumyum.org (Postfix) with ESMTP
	id 6BA165F; Fri, 25 Jul 2003 12:54:22 -0400 (EDT)
Date: Fri, 25 Jul 2003 12:54:22 -0400 (EDT)
From: Kenneth Culver <culverk@yumyumyum.org>
To: Lucas Holt <luke@foolishgames.com>
In-Reply-To: <205079C8-BEC0-11D7-B8A9-0030656DD690@foolishgames.com>
Message-ID: <20030725125108.S24957@alpha.yumyumyum.org>
References: <205079C8-BEC0-11D7-B8A9-0030656DD690@foolishgames.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: Peter Rosa <prosa@pro.sk>
cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: What version of BSD should I use
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Jul 2003 16:55:20 -0000

> Sendmail works fine in FreeBSD 4.8.  Named is considered insecure
> because people use it.  If you pick another product to be "safe", make
> sure no one uses it.  Any suggestion on this list would be to popular
> to be "safe".  As I said in my last email, people find holes in popular
> software more often because they are looking.
>
Sendmail "works" fine, but it's slow and is really nasty to configure
properly, which is why I suggested postfix. Named is considered insecure
because it's insecure. It's a big program with lots of past exploits, and
new ones being discovered very often. djbdns is very small, and has yet to
have a single exploit found. (It's possible that's because people don't
use it as much) I've also found that djbdns is significantly faster than
named and easier to configure.


> If you keep your software up to date, you are "safe" from named or
> sendmail exploits.  This is true on all platforms and will remain true.
> (well ok microsoft doesn't fix everything)
>

You may be right here, but certain pieces of software have a history of
being buggy and easily exploited; sendmail and named fit this description.

Ken