|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, MemoryJumps, Integer Overflow)
> > You seem to be inferring that it is a bad thing to silently > > patch bugs which may have security implications. The OpenBSD > > Full disclosure, we believe in it. That's why OpenBSD and other projects publish the full source code. That is full disclosure. > I wonder if the same network operators will be happy about potentially > millions of compromised sendmail servers globally. The world of the network operator is a world of defending against other people with malicious or broken software. This sendmail issue is nothing new. Network operators would love to be able to influence other people's behavior in a positive way, but history has shown that this meets with little success and is less effective than strengthening defenses. --Michael Dillon
|