> Even if today's version of "smail" is proven secure (unlikely) then
> where are we going to find the time/money/effort/expertise to prove
> that next years' patched version is also secure? And what about the
> incremental changes after that? At some point even the best designed
> and engineered software component will look like sendmail, especially
> packages in the public domain. It costs lots of money and effort to
> maintain design integrity across multiple releases, and that's a huge
> source of bugs right there.
So, what are you saying? The eternal bogus wisdom that there is no such thing
as a secure (including parts of it) seems to catch every single discussion
here. Get real and spare us with these academical discussions. The most
secure firewall doesn't help if someone can still walk out of the building
with a tape full of confidential material. I mean, what's the point
of this nonsense. You can only provide security to a certain degree, that
doesn't mean at all that your standards are neccessarily low or anything.
I'm aware of the problem and I pointed it out. And if I have something
delicate which I cannot fix, I'll build a wall around it. There is no perfect
world.
Chris
--___ ____ __
| _ \/ __/| \ Christian Kuhtz <chk @
psa .
pencom .
com> "And dsmit hailed:
| _/\__ \| \ \ Pencom Systems Administration Services We shall smit thou
|_| /___/|_|__\ on-site at IBM, Gov't Services, Boulder, CO forever!"
Follow-Ups:
References:
|
|
