Procmail Vulnerabilities check
Kurt Jaeger
lists at opsec.eu
Mon Dec 11 18:36:49 UTC 2017
Hi!
> if the majority of people install their systems via packages, that makes for
> a fairly common FreeBSD base across all users.
Why would a system installed via packaged be more homogenous than
one installed as base, and updated via freebsd-update ? I don't
understand this -- can you elaborate ?
> In closing, and more to the point regarding Sendmail; Sendmail has a nearly
> impeccable security record in at the last decade. It provides a *secure*,
> more powerful, and more flexible MX on the cheap. I see little reason to
> consider it an attack vector. Which makes *security*, and it's related
> maintenance a pretty poor argument, for it's removal.
The argument is: The update process for base is more complex
than for packages, and we've come a long way to have a very
nice pkg-system, in general. The mid-term plan is thus to package base, too.
Packaging base means sensible packages have to be defined, and
sendmail suits a package very well.
--
pi at opsec.eu +49 171 3101372 3 years to go !
More information about the freebsd-ports
mailing list