On Wed, Aug 29, 2001 at 10:26:49AM +0200, Frank Tegtmeyer wrote:
> Al Lipscomb <arl@q7.net> writes:
>
> > ... I am going to start removing DJBDNS and qmail
> > from all of my customers machines as soon as I can. While his software may
> > have
> > advantages I would not wish them to expose themself to a lawsuit as a
> > result of
> > using tar, scp or ftp. I have enough of Dan's posts to convince them that I
> > made
> > a mistake in installing it in the first place.
>
> How ridiculous. Now you want to get them BIND and sendmail again or
> what? Hopefully they will sue *you* when the next bug is exploited on
> their systems.
>
> Frank
>
Frank, maybe someone will do you a favor and sue you so you will know what that
means.
Or has DJB agreed to hold me harmless when an exploit is found in his code?
Installing DJB software on their machines puts them at risk. Not due to
criminal activity
against their servers but due to the possibility of a lawsuit in the future due
to
the conditions put forth at http://cr.yp.to.
There is other software out there besides BIND and sendmail. In fact there is a
qmail
clone that is under the GPL. Also, there have been no exploits against the
versions
of BIND and sendmail that ship with OpenBSD that would harm any of my
customers.
--
|
There is no doubt we need government in our lives. There is also no doubt
that we need salt in our diet. Watch out for too much of either one.
AA4YU http://www.beekeeper.org http://www.q7.net
|