Sendmail and secure design

Sendmail and secure design
Jason Miller, 2006-05-01

Sendmail's wide market share, ancient code base and long vulnerability history make it an interesting example about the need for software to start from a secure design.

Sendmail and secure design 2006-05-02
Robert Banz (rob@nofocus.org)

I'm surprised that people are still going around saying "sendmail runs as root." Most operating systems that integrate sendmail now ship it running as another user (such as smmsp, sendmail, etc.) and leave the root-running to something less dangerous, such as the local delivery agent.

It's besid...

[ more ]