LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

also ALT Linux, but...

also ALT Linux, but...

Posted Mar 22, 2006 21:11 UTC (Wed) by gvy (guest, #11981)
In reply to: also ALT Linux, but... by dmantione
Parent article: A serious sendmail security hole

Anything but security is nice indeed.

(Log in to post comments)

also ALT Linux, but...

Posted Mar 22, 2006 21:25 UTC (Wed) by TwoTimeGrime (guest, #11688) [Link]

Nice troll, but Sendmail has been quite secure for some time now. Maybe 10 years ago it was a mess of security holes but the Sendmail folks have learned their lesson. Sendmail is very secure. Everything has a hole appear everyone once in a while. Postfix is not a SMTP panacea.

Security in Sendmail vs. Postfix (or qmail or probably exim)

Posted Mar 22, 2006 21:36 UTC (Wed) by rfunk (subscriber, #4054) [Link]

Two words: remote root.

Security in Sendmail vs. Postfix (or qmail or probably exim)

Posted Mar 24, 2006 17:27 UTC (Fri) by TwoTimeGrime (guest, #11688) [Link]

The Linux kernel has had remote root bugs too. Should we all abandon it in favor of something else?

Security in Sendmail vs. Postfix (or qmail or probably exim)

Posted Mar 24, 2006 17:43 UTC (Fri) by rfunk (subscriber, #4054) [Link]

Possibly.

But when was the last time a remote root hole was discovered in the Linux kernel? How many have there been in "modern times" (say, since 2000)?

And can you provide a link to a remote-root Linux kernel hole? I'm aware of local-root and remote-DoS holes, but no remote-root holes.

also ALT Linux, but...

Posted Mar 22, 2006 23:12 UTC (Wed) by bastiaan (guest, #5170) [Link]

Maybe 10 years ago it was a mess of security holes but the Sendmail folks have learned their lesson.

They have learnt their lessons indeed. That's why they ditched the monolithic spaghetti hell of Sendmail 8 and are writing Sendmail X from scratch! Anyone who has taken a look at the horrible crufty source code of Sendmail 8 knows it's not maintainable anymore. It has constructs like macros that contain return statements, functions that go on for pages and pages, all kinds of if-else statements for obsolete configuration file verions, etc.... yuk!

also ALT Linux, but...

Posted Mar 29, 2006 17:10 UTC (Wed) by erwbgy (subscriber, #4104) [Link]

Sendmail is very secure.

Care to bet $1000 on that statement?

Everything has a hole appear everyone once in a while.

Not true.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds