On 02-Aug-2000, Dave Sill wrote:
> I don't think it's quite as secure as qmail
Would you care to shed some light on why you don't think so? Not to
ignite flames but for informational purposes. I use both qmail and
postfix and it is very interesting to understand not just the
strengths, but also t
Ronny Haryanto <[EMAIL PROTECTED]> wrote:
>On 02-Aug-2000, Dave Sill wrote:
>> I don't think it's quite as secure as qmail
>
>Would you care to shed some light on why you don't think so?
Two reasons:
1) Postfix only uses a single uid. qmail uses six.
2) Wietse's code is buggier than Dan's. Che
On 02-Aug-2000, Dave Sill wrote:
> 1) Postfix only uses a single uid. qmail uses six.
Why is using more than one uid better? What sort of security problem
would using one uid potentially pose?
> 2) Wietse's code is buggier than Dan's. Check the historical record.
> (To be fair, *everyone's* code
The multiple UIDs provide a few failsafes, if nothing else, whereby one
broken / buggy / replaced binary can't do damage to files it doesn't own.
DJB has comments about this in the readmes, if I'm not mistaken.
- Original Message -
From: "Ronny Haryanto" <[EMAIL PROTECTED]>
> On 02-Aug-
Ronny Haryanto <[EMAIL PROTECTED]> writes on 2 August 2000 at 09:35:52 -0500
> On 02-Aug-2000, Dave Sill wrote:
> > I don't think it's quite as secure as qmail
>
> Would you care to shed some light on why you don't think so? Not to
> ignite flames but for informational purposes. I use both q