Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
I guarantee that qmail has been through the workout that he describes.

I have no idea what current stats are, but his claim is based on things like this survey he did in late 2001. Based on those numbers, qmail certainly was widely used, particularly at very busy sites. (Particularly Critical Path.) To the best of my knowledge it still is popular for busy sites, though it is not widely deployed among home users. (Which is what the Debian popularity contest shows.) Furthermore his licensing makes it much less popular for a system like Debian. Not only is his software not free by Debian standards, but he does not allow vendors to change his filesystem layout for qmail. That reduces acceptance quite a bit.

Also given the security claims he made for it then, and the reputation he has, I guarantee that his codebase has been audited. (In fact I personally know more than one person who has audited his code.) That he would only have 4 bugs reported is (by industry standards) nothing short of astounding. Even though further review might find more bugs, I'm confident it wouldn't find many more. And it would certainly not find anything close to the number of problems that there are in sendmail.

In short, when it comes to security, Dan Bernstein has a well-deserved reputation as an overbearing obnoxious jerk. But he has earned the right to be one, and you should take him seriously.

In reply to Re^2: [OT] Some thoughts on security after ten years of qmail 1.0 by tilly
in thread [OT] Some thoughts on security after ten years of qmail 1.0 by clinton

Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":

  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or or How to display code and escape characters are good places to start.
Log In?

What's my password?
Create A New User
Domain Nodelet?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (3)
As of 2022-08-10 20:08 GMT
Find Nodes?
    Voting Booth?

    No recent polls found