Re: [Exim] Exim and IBM DB2

Startseite
Diese Nachricht ist Teil des folgenden Threads:
M+\Der komplette Thread sortiert nach Datum
MMMSean Witham am <-
MMMPhilip Hazel am ->
Nachricht löschen
Nachricht beantworten
Autor: Sheldon Hearn
Datum:  
To: Sean Witham
CC: Exim Users Mailing List
Betreff: Re: [Exim] Exim and IBM DB2

On Wed, 19 Dec 2001 12:16:06 GMT, Sean Witham wrote:

> Yes Exim is a big program and thus it is next to imposible if not
> imposible to "prove" that it is secure but I think it is this very
> fact that changes the dicussion from one of fact and principle to
> that of personal opinion. I say that because people use exim despite
> the privledges that it has because they trust the programmer to do
> the right things.

Actually, Exim's invulnerability to abuse of its setuid privelege isn't
hard to prove. There's not that much code to audit between program
execution and setuid()/setgid() time.

Ciao,
Sheldon.


Diese Nachricht wurde auf der folgenden Mailing-List gepostet:
Exim-users
Mailing-List-Info | Nachrichten um die Zeit		<-Re: [Exim] Exim and IBM DB2Re: [Exim] majordomo 2 vs. mailman->
Tahini and Hummus and Cumin Development Archives administriert von cumin AdminsLurker (Version 2.3)