[olug] Amateur Fortress Building in Linux

[Phil Brutsche]

A long time ago, in a galaxy far, far way, someone said...

> Thought those of you having fun with inetd may be interested in this
> article on replacing inetd with tcpserver.
> 
> Be sure to check out the article even if you don't wanna play with
> tcpserver.

The link?

> The author mentions a few other things Dan Bernstein has wrote,
> including a replacement for dns (bind holes anybody?),

There hasn't been one (security problem in bind) in nearly a year.  
Granted, there haven't been many new bind releases in the last year (I'm
not counting bind 9 betas).  The only people having security problems with
bind are the "lazy" ones who haven't upgraded.

> ftp, mail (go qmail!) and lots of other nice toys. All with security
> guarantees.

Security guarantee?  I find that hard to believe.

There's more to security than buffer overflows.

> If this software is so great, why isn't it in my distro you may ask. Well,
> DJB's license is restrictive. It doesn't allow people to ship modified
> versions of his software. Or even binaries. The Linux-For-The-Masses
> distros don't like this, since they can't transmogrify the package into
> their own security nightmare beast.

Not necessarily.  Sometimes the mods are needed just to put the config
files in sane places (why the hell are the qmail config files under
/var/qmail/conf?).  Sometimes they're for bugfixes.

> So they don't. Trust me though, qmail is worth the hassle. So are a
> few other tools he has written.

-- 
----------------------------------------------------------------------
Phil Brutsche					pbrutsch at creighton.edu

"There are two things that are infinite; Human stupidity and the universe.
And I'm not sure about the universe." - Albert Einstein


---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net