[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: zmailer
On Thu, 24 Jul 1997, Alexis Yushin wrote:
> Once Matti Aarnio wrote:
> > I have a priorization at checking on things:
> > - is it potential security leak ?
> > - does it cause core-drops ?
> > - is it slow ?
> > - is it too ugly to watch ?
> > - all other stimuli I get
> > Order of the last three may vary.
>
> Yes, but I think the highest priority still should be
> core dumps/misbehaviour because on in a large scale environments
> like what ZMailer is supposed to be used in the worst thing is
> when the thing breaks down at nigh or trash some mail. You may
> be hacked once or not and they may succeed or not but if it
> misbehaves you are definitely in trouble. Can make a company out
> of business as well, half a day of no mail is enough for it in
> fact.
Sorry Alexis, but you're just plain wrong. You must have never suffered a
security incident, or you would know that absolutely *nothing* is worse. A
bad security incident can put a company out of business in seconds.
Otherwise, it will still take much more work to recover from a security
incident than a core dump in your mail system.
If nothing else, those naughty child monkey-see-monkey-do "crackers" are
usually more malicious than any programming error in ZMAILER. :-)
I think Matti's priority list is correct, though I would list "does it cause
misbehavior without a memory fault?" before "does it cause core-drops ?"
since they can be much harder to spot/debug.
If core dumps worry you more than security, just send us all your root
password and we'll check your $POSTOFFICE directory for core dumps once in a
while. :-) :-) :-)
-Andy
Global Auctions