Szerző: Jasen Betts Dátum: Címzett: exim-users Tárgy: Re: [exim] The problem with Free Software
On 2013-06-03, Allen Bell <abell1204@???> wrote:
> No one would argue that some of the best software on the planet has come
> from free software projects where the author or authors have no higher
> purpose than to "do better." Additionally, the bulk of their improvements
> have come from finding clever and sometimes even brilliant ways to
> incorporate user requests.
This reminds me of a prominent software company that recently reverted a
user-interface feature.
> But sometimes, the developer ego gets involved and once they make a
> decision about the "right way" to do something it becomes cast in concrete.
If you have the source you have control, if you don't, you have only
wishes. I run exim with a customisation, one day I'll tidy it up and
contribute it. Then I won't have to mintain it.
> hard-coded restriction implies that the author knows my system, my office,
> my environment, my business and my needs better than I do. In fact, the
> very last thing in the world that I need is a programmer trying to save me
> from myself.
>
> Even worse, if the mere act of placing a series of ASCII characters in a
> file on a disc named /var/mail/root can cause a security breech... redesign
> your program or find someone better than you who can do it for you.
ASCII? exim is 8-bit transparent,
And what about system filters ... writing to /var/mail is not the only
delivery option. it's not inconceivable that some system filterm or
seive filter could remotely exploted by using a crafted message...
> In my opinion, there is a special place in hell for programmers that decide
> that they know best what other people need and how they should do things.
OTOH: They don't call him BOFH for nothing :)
> And finally, for all those of you reading this that are getting a twitch in
> your backsides...
> having this almost uncontrollable urge to reply...
> asking why in the world I'd want to do something that YOU don't want to
> do...
> telling me why *I* shouldn't do what *I* want because *YOU* think it's
> wrong...
> telling how YOU do it because YOU found a work around...
> attacking me for having the audacity to have formed a different opinion
> that you...
> ... you're as big a part of the problem as anyone else.
If you want to deliver to /var/mail/root set up a transport to run that
delivery as a different user! it's not like root is going to have
trouble dealing with it if it's owned by someone else.