The attackers being able to gain access to the official sendmail ftp obviously hasn't got anything to do with open source. Could happen to anyone. But I think the point is that it would be easier for them to create a trojan package, already having the sendmail source to modify. All be it that that the trojan is also open, for anyone to see should they actually look... and apparently the PGP verification fails on the trojan version too.
Cheers, Gareth On Wednesday 09 October 2002 17:32, Zane Gilmore wrote: > On Wed, 2002-10-09 at 16:52, Jeremy Bertenshaw wrote: > > http://www.cert.org/advisories/CA-2002-28.html > > > > Wondered how long until a few more things like this would > > happen, bit of a downside to open source. > > How is what happened to the Sendmail ftp server a downside to > open-source? > > > jeremyb.