Security Basics mailing list archives
RE: sendmail trojan
From: Chris Santerre <csanterre () MerchantsOverseas com>
Date: Fri, 18 Oct 2002 13:30:50 -0400
not sure I follow. By your logic, it should never have been trojaned. :) -----Original Message----- From: Stephane Nasdrovisky [mailto:stephane.nasdrovisky () uniway be] Sent: Friday, October 18, 2002 4:10 AM To: Alexandros Papadopoulos Cc: security-basics () securityfocus com Subject: Re: sendmail trojan Haven't you ever heard of code review ? It's part of any decent software development process. Alexandros Papadopoulos wrote:
Frankly, even if the trojan was enclosed in <blink></blink> statements, in 80,000 lines of code it would be lost. It's not feasible for one single
coder
to proofread everything he/she compiles. You have to implicitly trust the coder/maintainer/distributor, I see no other way.
Current thread:
- sendmail trojan jnf (Oct 15)
- Re: sendmail trojan Alexandros Papadopoulos (Oct 17)
- RE: sendmail trojan Vince (Oct 17)
- Re: sendmail trojan Stephane Nasdrovisky (Oct 18)
- Re: sendmail trojan Alexandros Papadopoulos (Oct 18)
- <Possible follow-ups>
- RE: sendmail trojan Chris Santerre (Oct 21)
- Re: sendmail trojan Alexandros Papadopoulos (Oct 17)