Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)

From: "Michael A Fusaro II" <maf () mafii com>
Date: Fri, 24 Mar 2006 18:31:01 -0500
Theo de Raadt wrote:

You would probably expect me to the be last person to say
that Sendmail is perfectly within their rights.  I have 
had a lot of problems with what they are doing.

But what did you pay for Sendmail?  Was it a dollar, or was 
it more?  Let me guess.  It was much less than a dollar.  I 
bet you paid nothing.

So does anyone owe you anything, let alone a particular process 
which you demand with such length?



Gadi Evron wrote:

So you are basically saying open source free software can't 
be trusted to hold high standards or be reliable or secure 
if I don't pay for it?


What he is basically saying is that you hold no right whatever 
to demand it.

The "International Infrastructure's" need doesn't constitute 
a claim on Sendmail or its developers.  As Theo stated, if 
that's unacceptable, buy software with a commercial license 
(which would then give you the right to demand that trust, as 
included in the license).

--
Michael A Fusaro II
maf () mafii com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: