tobold.org

correct • elegant • free

△ comp.mail.* △

◅ violation of "be liberal in what you accept" considered harmful

Qmail - 1) does anyone have it compiled; 2) does anyone recommend it? ▻

bug-of-the-month club redivivus

In article <4vcav5$afc@nala.devnet.lejonet.se>,
Anders Thulin <ath@nala.devnet.lejonet.se> wrote:
>  Do the reactions change in any way if you replace 'sendmail' with
>'qmail' in the quoted text above?

Absolutely.  For a start...

  -r-sr-x--x  1 root     bin    134944 Feb 16  1995 /usr/lib/sendmail
  -rwsr-xr-x  1 qmailq   qmail   14733 Aug  5 18:44 /var/qmail/bin/qmail-queue

The only setuid binary in the qmail package is a fraction of the size of
sendmail, and it's setuid to a qmail-specific user, not root.

For more information on how qmail was designed with security in mind,
see the file SECURITY in the distribution.

Tim.
--
Tim Goodwin   | "USENET, of course, is a pure and unadultered source
Cambridge, UK | of truth and wisdom." -- Richard Kettlewell

Original headers:

From: tim@pipex.net (Tim Goodwin)
Newsgroups: comp.mail.sendmail,comp.security.unix
Subject: Re: bug-of-the-month club redivivus
Date: 20 Aug 1996 16:13:09 GMT
Organization: Unipalm PIPEX
Message-ID: <4vco6l$3n1@wave.news.pipex.net>
References: <xcdybjqt2ay.fsf@woodlawn.uchicago.edu>
  <1996Aug2003.03.38.12615@koobera.math.uic.edu>
  <4vcav5$afc@nala.devnet.lejonet.se>

△ comp.mail.* △

◅ violation of "be liberal in what you accept" considered harmful

Qmail - 1) does anyone have it compiled; 2) does anyone recommend it? ▻