Date: Fri, 17 Nov 2000 00:14:45 -0600 (CST) From: Mike Meyer <mwm@mired.org> To: Tim McMillen <timcm@umich.edu> Cc: Boris =?iso-8859-1?Q?K=F6ster?= <koester@x-itec.de>, questions@freebsd.org Subject: Re: Help: Is Sendmail secure? Message-ID: <14868.52437.824166.717745@guru.mired.org> In-Reply-To: <Pine.SOL.4.10.10011170022410.27879-100000@gorf.gpcc.itd.umich.edu> References: <14868.45391.674534.336951@guru.mired.org> <Pine.SOL.4.10.10011170022410.27879-100000@gorf.gpcc.itd.umich.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Tim McMillen <timcm@umich.edu> types: > > > Their view on qmail is that while it has a lot of security > > > *features* it does not necessarily have security. There are still bugs in > > > its code (since it has not been audited for security) and those bugs could > > > possibly be exploited. > > Actually, qmail has been audited. I audited it before switching to it > > from sendmail. That's one of the nice things about it - it's small > > enough that one person can reasonably read and review every line of > > code. > No offense meant at all, but I have no knowledge of your > experience with code auditing. As I understand it there are so many > different issues to look at for security that it's almost impossible for > one person to do it for a large program like a mailer. So many of the > issues are also extremely subtle, like different types of format string > bugs etc. No offense taken. I wouldn't trust an audit by an unkonwn person either. In fact, I wouldn't recommend anyone trust my audit, as it's not something I do regularly. I did that one to reassure myself (and only myself) about qmail. The point is that, while qmail is a rather large system for one person to deal with (being around 15K lines of C), sendmail is six time that size, making it a large system even for a team to deal with. > > While I naturally trust my audit more than someone elses, I recognize > > that more eyes looking at the code is a good thing. There was a > > standing cash reward for security bugs in qmail that went unclaimed. > > That counts for a lot in my book - but if I'd audited sendmail, I > > wouldn't count it for as much as auditing sendmail. > That's excellent. Do you have any reference to an URL for that? I'd > really like to see that. An upcoming project for me is to learn a mailer > well so I'm shopping for the right one too. Given OpenBSD's track record > I tend to trust their opinion a lot. You can read about one of them at <URL: http://web.infoave.net/~dsill/qmail-challenge.html >. I agree about OpenBSD, but they're basically saying they haven't checked qmail, so wouldn't trust it. But the same is true of later versions of sendmail, or the version shipped with some other OS. <mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14868.52437.824166.717745>