Re: Two questions about task-harden.
Noah Meyerhans <noahm@debian.org> writes:
> On Thu, Aug 23, 2001 at 09:14:31PM +0200, Ola Lundqvist wrote:
> > The second questions is if I should conflict with sendmail. I got
>> a bugreport some days ago that was complaining about just that.
>> In my opinion there is no good reason for not conflicting with
>> sendmail but I want to know what you think. Is it possible to make
>> a secure server with sendmail?
>
> I don't like the idea of conflicting with sendmail. A hardened machine
> should still be useful. It's too bad there's no "Recommends-Against"
> dependency or something. I think conflicting is too rigid in this case.
Sure, but there are plenty of other MTAs which can be used in place of
sendmail. Sendmail has a history of security problems; postfix and
exim have a history of reasonably secure behavior. A machine with
sendmail installed *isn't* hardened. There may be times when
Sendmail's functionality is needed, but that couldn't really be called
a hardened machine any more.
-Brian
--
Brian Sniffen bts@akamai.com
Reply to: