Date: Fri, 11 Apr 1997 22:59:30 -0700 From: Pedro Giffuni <pgiffuni@fps.biblos.unal.edu.co> To: Giles Lean <giles@nemeton.com.au> Cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, hackers@freebsd.org Subject: Re: on the subject of changes to -RELEASEs... Message-ID: <334F24C2.6A21@fps.biblos.unal.edu.co> References: <199704120213.MAA10732@topaz.nemeton.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Giles Lean wrote: > > On Fri, 11 Apr 1997 17:52:20 -0500 (EST) pgiffuni@fps.biblos.unal.edu.co wrote: > > I have not heard of cracking attempts to sendmail RECENTLY, > > These days they're just a given. Only worth a comment when someone > breaks (publically) the latest released version. > > > but it IS > > recommended to use smrsh (included with sendmail) on all versions. Why > > aren't we including this? > > Because this requires (as you know) that vacation, procmail and > whatever else people use from .forward files be installed in the one > directory that smrsh will run programs from. This will break existing > installations. > vacation yes, but AFAIK procmail won't be affected. "ln -s" would unbreak existing installations :). > I recommend that we make this change for the 3.0 release. > I also use the unprivileged mailer, both options were suggested in an old CERT advisory. Furthermore, I turn sendmail on from inetd under tcp-wrapper control. Crackers got tired of trying my big box (I think 8-)). Pedro. > Giles
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?334F24C2.6A21>