From: Geoff Collyer <geoff@collyer.net>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] So What is P9 good for.....
Date: Mon, 17 Feb 2003 03:32:49 -0800 [thread overview]
Message-ID: <92d7d2b250ac5638b5c07aa37f25621b@collyer.net> (raw)
In-Reply-To: <3E4DD1E5.6090101@null.net>
> CERT still receives security problem reports for bind, sendmail, etc.,
As I commented to friends recently,
> I've just been looking at the security bugs fixed in the pre-release
> of freebsd 5.0 and it's dozens (maybe hundreds) of nasty bugs. Worse,
> it's the usual suspects: buffer overflows, bugs in BIND and the DNS
> resolver, bugs in sendmail (inconceivable!).
It's twenty years on, and lunix distributions still include sendmail
and BIND, despite their size, slowness, complexity, buginess, painful
configuration files and long history of security bugs, usually due to
buffer overruns. There are certainly plausible alternatives to
sendmail available. I'm not sure about BIND, but I'd rather port dns
and whatever machinery it needs to Unix than deal with BIND again.
The stupidity of permitting (nay, encouraging) forward and reverse
maps to differ is bad enough, but it nibbles at you, with
manually-maintained zone serial numbers and trailings dots and just
endless crap. (Of course, the DNS itself won't win any beauty
contests, but that's a harder problem.)
The first security measures I take when installing lunix are:
- find any sendmail processes and kill them all.
- find all sendmail binaries, set permissions to 0 and then remove them.
- find any sendmail queue directories or configuration files and remove them.
What's wrong with these lunix people, are they stupid or something? ☺
next prev parent reply other threads:[~2003-02-17 11:32 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-02-13 15:21 John Stalker
2003-02-13 15:38 ` Ronald G. Minnich
2003-02-13 15:43 ` Boyd Roberts
2003-02-13 15:53 ` Phil White
2003-02-13 23:25 ` Jim Choate
2003-02-14 19:45 ` Dan Cross
2003-02-14 21:04 ` Phil White
2003-02-13 16:51 ` matt
2003-02-14 9:31 ` Douglas A. Gwyn
2003-02-14 15:11 ` Ronald G. Minnich
2003-02-17 9:53 ` Douglas A. Gwyn
2003-02-17 11:32 ` Geoff Collyer [this message]
2003-02-17 12:06 ` Lucio De Re
2003-02-17 13:36 ` Russ Cox
2003-02-17 13:41 ` Lucio De Re
2003-02-17 21:37 ` Andrew
2003-02-17 22:03 ` Geoff Collyer
2003-02-17 22:07 ` Russ Cox
2003-02-17 22:07 ` rob pike, esq.
2003-02-17 22:59 ` northern snowfall
2003-02-17 23:10 ` Russ Cox
2003-02-17 23:23 ` George Michaelson
2003-02-18 0:53 ` Skip Tavakkolian
2003-02-18 0:51 ` Mike Haertel
2003-02-18 9:33 ` Douglas A. Gwyn
2003-02-18 9:49 ` [9fans] Re: acd compile problem Conor Williams
2003-02-18 10:01 ` nigel
2003-02-18 17:30 ` [9fans] So What is P9 good for Skip Tavakkolian
2003-02-18 17:25 ` nigel
2003-02-18 4:13 ` Jack Johnson
2003-02-18 9:10 ` M Heath
2003-02-20 2:52 ` Martin C.Atkins
2003-02-17 23:35 ` matt
2003-02-17 23:45 ` George Michaelson
2003-02-18 1:53 ` Geoff Collyer
2003-02-17 23:32 ` Dan Cross
2003-02-14 2:06 ` Geoff Collyer
2003-02-14 9:31 ` Richard Miller
2003-02-14 9:34 ` Geoff Collyer
2003-02-14 15:12 ` Ronald G. Minnich
2003-02-14 13:40 ` David Presotto
2003-02-14 16:44 ` rob pike, esq.
2003-02-14 16:47 ` Ronald G. Minnich
2003-02-15 3:27 ` Geoff Collyer
2003-02-15 6:29 ` Ronald G. Minnich
2003-02-15 9:39 ` Digby Tarvin
2003-02-17 9:53 ` Douglas A. Gwyn
2003-02-17 9:53 ` Douglas A. Gwyn
-- strict thread matches above, loose matches on Subject: below --
2003-02-18 15:34 Tom Glinos
2003-02-18 15:39 ` Ronald G. Minnich
2003-02-18 3:06 okamoto
2003-02-18 1:34 okamoto
2003-02-15 6:47 Andrew Simmons
2003-02-14 21:55 Skip Tavakkolian
2003-02-14 21:58 ` Doc Shipley
2003-02-15 0:20 ` Dan Cross
2003-02-13 14:20 peter a. cejchan
2003-02-13 9:37 Jeffrey Haun
2003-02-13 10:04 ` Stephen Wynne
2003-02-13 17:52 ` maynard
2003-02-13 18:12 ` Scott Schwartz
2003-02-13 20:00 ` Jack Johnson
2003-02-13 10:11 ` Phil White
2003-02-13 10:22 ` Lucio De Re
2003-02-13 10:33 ` Skip Tavakkolian
2003-02-13 13:54 ` Russ Cox
2003-02-13 14:00 ` Lucio De Re
2003-02-13 16:26 ` rob pike, esq.
2003-02-13 16:31 ` northern snowfall
2003-02-13 23:28 ` Jim Choate
2003-02-14 19:50 ` mike
2003-02-14 20:05 ` Doc Shipley
2003-02-14 19:51 ` Dan Cross
2003-02-13 14:00 ` northern snowfall
2003-02-13 18:02 ` Jack Johnson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=92d7d2b250ac5638b5c07aa37f25621b@collyer.net \
--to=geoff@collyer.net \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).