A role model for security. Almost., 2005-06-08
Mark Burnett beat me to it. I was planning to write an article on the relationship between good security and paranoia in the not too distant future. However, it appears that at least one other SecurityFocus columnist shares some of my theories on good security. Either that, or he's somehow capable of reading my mind. Paranoia is generally a good thing to have. Regardless, Mark's article got me wondering about what other traits are valuable in the quest for good security.
If the information security industry is creating this kind of environment for developers, then we're doing something wrong.
Qmail's pursuit of perfection
If we think about applications with a relatively "perfect" (I use the term very loosely) security track record, not many come to mind. However, I'd be willing to bet that software written by Dan Bernstein, specifically qmail (and djbdns), might be first among those mentioned. Why is qmail considered secure? There are two main reasons.
First, Bernstein designed qmail with security in mind. If everyone who wrote software actually made security a design priority, we'd be in a lot less trouble with vulnerabilities than we are now. But it appears this is too much to ask, because so much software out there seems to treat security as little more than a casual afterthought.
Secondly, Bernstein strives to write bug-free code. Although this is an unachievable goal, it didn't stop Bernstein from trying. His code has now stood the test of time, and has done so with a very small security vulnerability footprint.
The combination of these two factors has made qmail a very successful application for secure environments.
Qmail isn't perfect
Georgi Guninski recently published a vulnerability in qmail (albeit not a practical one), which can be exploited on specific configurations of some 64-bit systems. That's right. Even qmail has bugs. This shouldn't be a surprise to anybody.
