[WBEL-users] Postfix or Sendmail
Joe Klemmer
klemmerj@webtrek.com
Thu, 01 Apr 2004 13:45:27 -0500
On Thu, 2004-04-01 at 09:45, John Hinton wrote:
> The big guy on the block always gets blindside punches. Sendmail more
> bugs? Or sendmail more people trying to break in and finding the holes?
> It could be argued that sendmail has been more thoroughly tested against
> intrusion. Look at Microsoft...
The difference between Sendmail and, for example, Postfix is that
Sendmail was designed and built in such a way that buffer overruns or
stack smashing can potentially lead to root compromises. My
understanding of Postfix and qmail are that they are designed such that
should an overrun happen you can't get root access. Thus it doesn't
matter how many people are trying to break into any of them.
> I'm personally sort of hoping that Linux never makes it to mainstream,
> or we'll be the ones 'everyone' is trying to crack.
Linux will never have the same kind of security situation as MS does
even if everyone in the world switched to it. The design of Linux is
such that it will never be vulnerable to the kinds of security holes
that MS software is. By definition it will always be safer. This
doesn't mean it's immune by any means. It's just that the level of
exploits will be lower and of a different nature.
--
Joe "Kuramarujo" Klemmer | Current rank: Maegashira 15
http://www.webtrek.com/~klemmerj/sumo.html