FC4 slimfast slimfest

Paul A. Houle ph18 at cornell.edu
Fri Feb 25 14:01:11 UTC 2005

On Thu, 24 Feb 2005 16:50:55 -0600, Jason L Tibbitts III  
<tibbs at math.uh.edu> wrote:

>>>>>> "NM" == Nicolas Mailhot <Nicolas.Mailhot at laPoste.net> writes:
> NM> You do know that postfix design is a common example in advanced
> NM> security CS courses right ?
> What on Earth does that have to do with anything?  I'm sure advanced
> race mechanics study Ferrari engines, but I don't need one to drive to
> the store.
> I guess what you're trying to say is that all of the extra stuff that
> Postfix comes with is secure, so it doesn't hurt anything to have it
> on the machine.  That's something definitely contradicted by those
> advanced security CS courses you speak of.

	Most real postfix installations aren't going to be qualified as secure by  
the authors of postfix,  because if you want to implement POP  
authentication you need to install Cyrus SASL -- which is the kind of  
"security" software that introduces two buffer overflows for every  
security hole it plugs.  Throw in an average virus filter


and spam filter and I know it can be cracked.  If you made a homebrew  
system,  it's likely that nobody's going to spend the time to weaponize an  
attack,  but ship an integrated system with every copy of FC4 and it's  
worth the effort.

More information about the fedora-devel-list mailing list