> On Thu, 24 Jul 2003, Brian Ashe wrote: >> On Thursday July 24, 2003 02:06, Christopher Wong wrote: snip.... > > But my question remains unanswered: > > "given this we-got-the-last-bug-this-time-honest line of reasoning, is it > ever possible to conclude that sendmail is insecure?" > > For sendmail defenders, I suspect that the answer is "no", regardless of > the real condition of sendmail. > > Chris This is a ridiculous argument. Deciding to use a package just because no one has yet found a bug is a pretty shakey way of operating. Are you suggesting that since no exploit has been found...yet, in Postfix that none will ever be found??? And if one is found, what will you do then? Just look at the number of exploits found and fixed in the kernel. Using your logic I would guess that you are going to dump linux...right? While there may be very good arguments for using/not using sendmail/Postfix I don't consider we-got-the-last-bug-this-time-honest line of reasoning to be worth consideration. Gerry -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
