Re: [Exim] Does Exim have security problems?

Author: Mustapha Mahfouz
Date:  
To: Greg A. Woods
CC: Mustapha Mahfouz, exim-users
Subject: Re: [Exim] Does Exim have security problems?
Hello,

On Mon, 28 Aug 2000, Greg A. Woods spoke,

> I wish only to point out an apparently major contradiction in what you
> say and what you quote to support your claim:


I did not "make any claims" as you suggest, I was interested in clarifying
what I have heard about Exim.

<snip>
> > Although I suspect that the above problems are corrected in the latest
> > exim, statements like the above and criticisms from my fellow colleagues
> > about Exim's security have made me a bit worried I must admit.
>
> Would your colleagues say the same thing about sendmail (or Smail)?


Actually, as we all know, sendmail has an extremely poor security record,
with root escapades being reported by CERT alarmingly regularly.

> What about commercial mailers that are in effect also monolithic
> designs?


Well, doesn't the popularity of exim, qmail, postfix, even sendmail (still 70%
of the inet) say enough about the quality of the commercial MTAs?

> Meanwhile despite the existence of Smail, Exim, Zmailer, Qmail, Postfix,
> and perhaps others, each of which had security as a primary design goal,
> most of the world still runs sendmail, and a large percentage of that
> crowd still run versions of sendmail that have known vulnerabilities!


I know, which is what makes the whole thing alarming indeed. I mean any
newbie hacker can get root access using sendmail. Why so many sysadmins
don't upgrade sendmail or choose a safer MTA has puzzled me for a long
time.

> As Phil Pennock has already said, Exim, like Smail before it (from which
> it borrows many design ideas), was written from the ground up with great
> attention to the programming details


Yes, but it seems that D. J. Bernstein criticised the design of exim, in the
original message that I quoted.


> Note also that security by compartmentalisation can be easily achieved
> by other ways than just by splitting a large and complex program into
> many intertwined daemons. For example you could run your external
> mailer on a host that is not trusted by any other trusted host to do
> anything but deliver e-mail and perform DNS queries. Provided that you
> also have a secure logging host, some form of intrusion detection, and
> a well tested recovery procedure this kind of setup will perhaps be even
> more secure than you could achieve by running a mailer like Postfix or
> Qmail on an otherwise more trusted machine.


Thank you for this information. I would like to think about the practical
implications of such a setup though.

May Allah bless everyone,
Mustapha Mahfouz
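The compartmentalised layout Greg describes above (an external mail host that no trusted host trusts for anything, allowed only to accept and deliver mail, resolve names, and ship its logs to a separate logging host) can be pinned down as a host firewall policy on the relay itself. The ruleset below is an added example and is not part of the original thread, nor Exim configuration; it uses nftables syntax, and the addresses, the management network and the choice of plain UDP syslog are assumptions made for illustration.

```nft
#!/usr/sbin/nft -f
# Host firewall for a dedicated external mail relay (added example).
# Assumed addresses (hypothetical, IPv4 only for brevity):
#   10.0.0.53    internal DNS resolver
#   10.0.0.100   internal mail hub that receives delivered mail
#   10.0.0.200   secure logging host (syslog, UDP 514)
#   10.0.9.0/24  management network allowed to SSH in
flush ruleset

table inet mailrelay {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state established,related accept
        ct state invalid drop
        iif "lo" accept

        # Inbound SMTP from anywhere: the only service this host exposes.
        tcp dport 25 ct state new accept

        # Administrative SSH only from the management network.
        ip saddr 10.0.9.0/24 tcp dport 22 ct state new accept

        # ICMP needed for reachability and path MTU discovery.
        icmp type { echo-request, destination-unreachable, time-exceeded } accept
    }

    chain output {
        type filter hook output priority 0; policy drop;

        ct state established,related accept
        oif "lo" accept

        # DNS: only to the designated resolver, nothing else on the inside.
        ip daddr 10.0.0.53 udp dport 53 accept
        ip daddr 10.0.0.53 tcp dport 53 accept

        # Outbound SMTP: to the Internet, and inside only to the mail hub.
        ip daddr != 10.0.0.0/8 tcp dport 25 ct state new accept
        ip daddr 10.0.0.100 tcp dport 25 ct state new accept

        # Logs leave the box at once, so a compromise cannot rewrite them.
        ip daddr 10.0.0.200 udp dport 514 accept

        # Any other attempt to reach the trusted networks is logged and dropped;
        # these log lines are what the intrusion detection should watch for.
        ip daddr 10.0.0.0/8 log prefix "mailrelay-egress-denied: " drop
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
    }
}
```

Two caveats a practitioner would add: syslog over UDP is unauthenticated and lossy, so on a real deployment the log stream should go over an authenticated channel (for example syslog over TLS on TCP 6514) and the logging host should accept it from nothing but this relay; and the policy only limits what a compromised relay can reach, so the "well tested recovery procedure" Greg mentions still matters, because the expected response to a compromise of this host is to rebuild it rather than clean it.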