[olug] Amateur Fortress Building in Linux
Phil Brutsche
pbrutsch at creighton.edu
Mon Sep 11 00:02:28 UTC 2000
A long time ago, in a galaxy far, far way, someone said...
> Thought those of you having fun with inetd may be interested in this
> article on replacing inetd with tcpserver.
>
> Be sure to check out the article even if you don't wanna play with
> tcpserver.
The link?
> The author mentions a few other things Dan Bernstein has wrote,
> including a replacement for dns (bind holes anybody?),
There hasn't been one (security problem in bind) in nearly a year.
Granted, there haven't been many new bind releases in the last year (I'm
not counting bind 9 betas). The only people having security problems with
bind are the "lazy" ones who haven't upgraded.
> ftp, mail (go qmail!) and lots of other nice toys. All with security
> guarantees.
Security guarantee? I find that hard to believe.
There's more to security than buffer overflows.
> If this software is so great, why isn't it in my distro you may ask. Well,
> DJB's license is restrictive. It doesn't allow people to ship modified
> versions of his software. Or even binaries. The Linux-For-The-Masses
> distros don't like this, since they can't transmogrify the package into
> their own security nightmare beast.
Not necessarily. Sometimes the mods are needed just to put the config
files in sane places (why the hell are the qmail config files under
/var/qmail/conf?). Sometimes they're for bugfixes.
> So they don't. Trust me though, qmail is worth the hassle. So are a
> few other tools he has written.
--
----------------------------------------------------------------------
Phil Brutsche pbrutsch at creighton.edu
"There are two things that are infinite; Human stupidity and the universe.
And I'm not sure about the universe." - Albert Einstein
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list