Re: We need a new subject- bug fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Today Timothy Murphy did spake thusly:

Rahul Sundaram wrote:

It is trivially easy to uncomment a line
and configure sendmail to connect to external ports.

Sorry, Rahul, I have to disagree with you there.
It is not trivially easy for normal human beings
to change anything in sendmail.

I managed, and I'm normal.

How many windows boxes are currently sending mail quite happily to you as spam? And you think sendmail should be allowed to do the same?

People who can't work a computer shouldn't be allowed to work one. People who can't work Linux shouldn't be allowed to use it. Just like people who don't know how to drive a car shouldn't be allowed to use one. Not until they've been taught, right?

But this is the real world, innit?

Sendmail has been exploited in the past. It's quite well known for having been exploited lots in the past. And it's not just a user's machine that gets compromised, it causes huge problems when a MTA is compromised and used as an open relay for instance. So no, in my humble opinion, as a fedora user, I'd say yes, I prefer that it's not running on external ports by default. Because if an exploit is discovered then the people actually running sendmail externally will be aware that they are and can fix/patch it.

Remember the problems with RPC and windows being exploited? And the ones with remote P&P and the remote registry hacks? All services running on windows boxes that were unknown to the average user...

--
Scott van Looy - email:me@xxxxxxxxxxxxxx | web:www.ethosuk.org.uk
site:www.freakcity.net - the in place for outcasts since 2003
PGP Fingerprint: 7180 5543 C6C4 747B 7E74  802C 7CF9 E526 44D9 D4A7
      -------------------------------------------
      |/// /// /// /// WIDE LOAD /// /// /// ///|
      -------------------------------------------

Any circuit design must contain at least one part which is obsolete, two parts
which are unobtainable, and three parts which are still under development.

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux