Re: [Exim] Re: [Exim-Announce] Planning for Exim 4

Top Page
Delete this message
Reply to this message
Author: Peter Radcliffe
Date:  
To: exim-users
Subject: Re: [Exim] Re: [Exim-Announce] Planning for Exim 4
Marc Haber <exim-users.exim.org@???> probably said:
> I feel that exim being a monolithic setuid binary is a major risk.
> Even if there is no exploit, the mere chance of exim being vulnerable
> this way is a big argument that is heavily used by qmail and postfix
> advocates. But probably changing this into a small, control process
> running as root and doing work in non-setuid binaries that are only
> invoked with user privileges would be too big a change.


This is very arguable.

exim's code is very modular, which gives it a much lower risk even
monolithic, and as has been shown with postfix and other things it is
possible to have far more problems with inter-process and
inter-section communication than problems caused by well designed
monolithic binaries.

Swings and roundabouts - try and avoid one problem, you walk into a
lot more.

P.

-- 
pir                  pir@???                    pir@???