On Mon, 27 Jan 1997, Adam Shostack wrote:
> | qmail: it seems to me more complicated to configure than sendmail.
> | Once you get a code size over 8 .c files I see little difference
> | between the reviewability of
> | qmail and that of sendmail. At least I'm familiar with sendmail.
> Sendmail has 46k lines of code, qmail has 16k, as counted by
> wc *.[ch]
Keep in mind that the code you counted for qmail includes a complete
replacement for libc: the auther didn't trust vendor libc's and wrote his
own -- resolver.. malloc.. string handling.. date and time stuff..
everything. Paranoia of that level is deserving of high respect IMO!
FWIW, the daemon portion of qmail runs as five seperate processes that
communicate with each other via pipes; each process runs as a different
uid and is responsible for a very specific task. There is no monolithic
executable that runs as root and is setuid root. There are no setuid-root
executables at all, in fact -- the one daemon process that runs as root
(228 lines of code whose sole purpose is to spawn local delivery processes
as the appropropriate uid, and which refuses to spawn anything as root) is
started at system startup.
-m
|
|
