On Fri, Jun 27, 2003 at 09:39:36AM +0200, Soeren Straarup wrote:
> 
> Well my point is that everyone (that is interested in security) knows
> that Sendmail and bind and so on have their exploits..
> 
> And I like that they are the one that is coming with some more or less
> insecure services, this is due to that it really gives ppl the freedom
> to choose the services that they want to use. But the generic ones work for
> home networks with no external access too.
> 
> Freedom of religion.
> 
> Well with freedom comes responsibility.

And this responsibility is handled excellently by the FreeBSD Security
Officer team and the FreeBSD sendmail maintainer, George Shapiro.
I don't think that there would be a better way to handle the existing
and published Sendmail vulnerabilities than the current practice of
timely patches and updates to both -current, -stable, *and* the various
security branches, so that everyone tracking the security advisories is
aware of the need to update, and update *now*, as soon as there is
actually something to update to.  Great job, folks!

With that said, you could always do what I do and cut your own releases
with appropriate NO_* knobs in make.conf ;)  This is *not* to say that I
don't trust the security officer team and the maintainers of the various
pieces of contributed software that I exclude from my own builds; it's
just a matter of personal preference.

Here's hoping this is the last post in this thread :)  (The last word?
Me?  Naah, that's just lack of morning coffee getting to you :P )

G'luck,
Peter

-- 
Peter Pentchev  [EMAIL PROTECTED]    [EMAIL PROTECTED]    [EMAIL PROTECTED]
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
This sentence was in the past tense.
