Date: Thu, 02 Jan 2003 11:21:44 -0800 From: Terry Lambert <tlambert2@mindspring.com> To: sthaug@nethelp.no Cc: freebsd-current@FreeBSD.ORG Subject: Re: 5.0-RC2 informal PR: 90 sec sendmail delay Message-ID: <3E149148.83AA6E9B@mindspring.com> References: <3E13D095.FC52B758@mindspring.com> <7931.1041493203@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
sthaug@nethelp.no wrote: > > > If there are problems, the authors would like to hear > > > about it directly, instead of reading it in some mailing > > > list by accident... > > > > It's an editorial complaint. I don't like the breaking the > > program into seperate programs by function. IMO, DJB is wrong, > > and this does nothing to enhance security. > > It's not only DJB. Take a look at Postfix, which also has a good > reputation for security. Postfix consists of separate programs > with well defined privileges. Wietse Venema has been quite clear > that such a separation was the only way he could guarantee the > security of Postfix. Functional decomosition is only a tool. It is not the sole tool capable of performing any task. I understand why Wietse felt that way, but his feeling that way doesn't make it true, any more than Daniel feeling that way makes it true. In fact, in this case, the only thing it succeeds in doing is to provide insurance that a breech will be constrained to a lesser (user) priviledge level, rather than providing protection against the breech occurring in the first place. It's basically nothing more than a containment protocol. FWIW, I think doctors should treat diseases, and not merely the symptoms. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E149148.83AA6E9B>