Symlinks
Paul Robinson
paul at iconoplex.co.uk
Fri Feb 8 12:45:49 GMT 2002
On Feb 8, Dominic Marks <dominic_marks at btinternet.com> wrote:
> I *strongly* suggest you don't use wu-ftpd. It's security record is
> diabolical.
There are two opinions on this - that bad security history means you
shouldn't run that code, or that it means you *should* run it. The fact that
a daemon has had a poor security history is typically a good sign if nothing
has been found recently - when you get a few holes in a piece of code
reported to BUGTRAQ the code gets a good going-over from various clueful
people and then if you get a rush of vulns reported you know people are
doing something with it. Eventually, you end up with a relatively well
audited piece of code. That's why you can be relatively sure you're going to
be OK with sendmail, bind and apache these days. wu-ftpd should be fine
these days from a security point of view, but I don't run it because it
sucks. *That's* justification for not using it. :-)
--
Paul Robinson
More information about the Ukfreebsd
mailing list