Sendmail and secure design
Jason Miller, 2006-05-01

Sendmail's wide market share, ancient code base and long vulnerability history make it an interesting example of the need for software to start from a secure design.

An Example 2006-05-02
Anonymous
Sendmail and root??? 2006-05-02
Anonymous
Sendmail and secure design 2006-05-02
Robert Banz (rob@nofocus.org)
I'm surprised that people are still going around saying "sendmail runs as root." Most operating systems that integrate sendmail now ship it running as another user (such as smmsp, sendmail, etc.) and leave the root-running to something less dangerous, such as the local delivery agent.

It's beside the point, however. It's still no excuse for shoddy programming -- and IMHO, sendmail is far from being shoddy programming today. The kinds of things you find now in sendmail (and other such packages) are obscure edge cases or strange operating system interactions -- on the other hand, 99.9% of the developers out there in the wild still can't fathom the concept of an SQL injection attack.

Picking on Sendmail is very late-'90s.


Link to this comment: http://www.securityfocus.com/comments/columns/400/33572#33572
Sendmail and secure design 2006-05-02
J. Lasser
Sendmail 2006-05-03
Alexey Vesnin
Sendmail and secure design 2006-05-03
Matthew Murphy
Sendmail and root??? 2 2006-05-09
Anonymous







 

Copyright 2009, SecurityFocus