Re: Why Linux, Why Debian

On Sat, Feb 14, 2004 at 08:37:36PM +0000, Andrew Suffield wrote:
> > Ok, let me see, in woody:
> > 
> > 1) exim listens to all remote ports, is installed as the default MTA and 
> > run by inetd
> Can't remember any remote root holes in exim.

You seem to have missed my point, I did not say that our default install
was less "secure" than OpenBSD's but more bloated. In fact, you have not
demonstrated that this is not the case. And you probably agree with me that
even if some services have not had remote buffer overflow vulnerabilities
for some time it does not mean that they will not have them in the future,
either because they had been overlooked or because a new version/change
introduces them.

Still, from what I said, OpenBSD ships with those default "silly" inetd
services + OpenSSH which is less risky than our default inetd+some RPC
services+mail server+OpenSSH+printer server in woody. Leaving remote buffer
overflows aside this means there is a potential for these services to be
left unconfigured/misconfigured either because of the user or a package
bug.  Consider the case of having a default install which leaves an open
relay mail server because there was some error in the package that nobody
noticed. That is less likely to happen in OpenBSD.



