Re: default MTA for sarge
On Wed, 16 Jul 2003 11:45, Steve Langasek wrote:
> Not to rain on a fellow exim detractor, but there's nothing inherently
> insurmountable about auditing the code paths in a monolithic program
> that run before privileges are dropped. Either architecture can be
> easily mucked up by someone making code changes that don't belong,
> whether the boundary between privileged and unprivileged code is a
> separate object file or a "Do not enter" sign in the source.
My experience in debugging programs is that large monolithic programs are a
real bitch to debug. In a large program it's difficult to trace the flow of
control as functions call each other all over the source tree. Also there is
a limit to the amount of code that you can keep in your head at one time. If
you can recall in general terms how 100% of a program works at one time then
auditing/debugging it is not so difficult. If you can only recall 10% (due
to the source being 10* bigger) then it's quite difficult. If you can recall
less than 1% and the program is not clearly structured (mail servers are not
clearly structured because of their design) then debugging or auditing the
code is beyond the ability of most programmers.
I doubt that I could effectively audit Exim or Sendmail. I have tried to
think of a Debian developer who I am confident would have the ability to do
such auditing and I can't think of anyone (I am not saying that there isn't
anyone, just that from what I know of the skills of the developers I can't
name someone who I can be certain could do the job).
The autors of Postfix and Qmail are both competant at such auditing and I
would trust them to reliably audit Sendmail and Exim. But they spend all
their time auditing each other's code and probably couldn't spare the time to
audit Exim or Sendmail even if they were intersted. ;)
PS Any Debian developers who are interested in auditing code would probably
achieve better results with less work by auditing coreutils...
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: