Date: Mon, 25 Nov 1996 11:33:35 +0600 From: Tim Pierce <twpierce@bio-3.bsd.uchicago.edu> To: jgreco@brasil.moneng.mei.com Cc: peter@taronga.com, hackers@freebsd.org Subject: Re: Replacing sendmail (Re: non-root users binding to ports < 1024 (was: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2 Message-ID: <9611251733.AA10822@bio-5.bsd.uchicago.edu> In-Reply-To: <199611250144.TAA13851@brasil.moneng.mei.com> (message from Joe Greco on Sun, 24 Nov 1996 19:44:29 -0600 (CST))
next in thread | previous in thread | raw e-mail | index | archive | help
Joe Greco <jgreco@brasil.moneng.mei.com> said: > > Have you looked at qmail? The bits exposed to the outside world don't > > even run as root. EVER. > > As a matter of fact, the last Sendmail security problem involved a bug > that I suspect people would also have claimed "[the] bits [that are] > exposed to the outside world don't even run as root." I sincerely hope you don't think of this as a point in sendmail's favor.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9611251733.AA10822>