The List has returned! [x-adr]
Garrett Goebel
garrett at scriptpro.com
Thu Jul 31 19:05:21 CDT 2003
Gerald Combs wrote:
> On Thu, 31 Jul 2003, Frank Wiles wrote:
> >
> > Also, the days when Sendmail was a big security risk are
> > pretty much gone. Yes I will admit it has had a checkered
> > past, but honestly how many Sendmail specific security
> > holes have there been in the last year?
>
> According to cve.mitre.org, there have been several:
>
> http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=sendmail
>
And how many in qmail? Zero.
While his own license is fairly open (more open than Netscape's was when
RedHat was distributing its binaries)... its pretty obvious DJB has
something against gnu and open source licenses. I wonder what it is? Loss of
control over _his_ code? Does anyone know of anything he's written directly
on this point?
Compile from source distributions like Gentoo are practially unrestricted by
DJB's licensing terms. He does explicitly allow you to download and compile
his source. And makes explicit your rights to do whatever you want with it
thereafter (http://cr.yp.to/softwarelaw.html). As far as I've read, he just
won't allow modified binaries.
It just seems kind of sad that you wind up with multiple series of patches
against qmail... like some throw-back to minix. That will take you only so
far.
--
Garrett Goebel
IS Development Specialist
ScriptPro Direct: 913.403.5261
5828 Reeds Road Main: 913.384.1008
Mission, KS 66202 Fax: 913.384.2180
www.scriptpro.com garrett at scriptpro dot com
More information about the Kclug
mailing list