27 Mar
2006
27 Mar
'06
3:53 a.m.
You seem to be inferring that it is a bad thing to silently patch bugs which may have security implications. The OpenBSD
Full disclosure, we believe in it.
That's why OpenBSD and other projects publish the full source code. That is full disclosure.
I wonder if the same network operators will be happy about potentially millions of compromised sendmail servers globally.
The world of the network operator is a world of defending against other people with malicious or broken software. This sendmail issue is nothing new. Network operators would love to be able to influence other people's behavior in a positive way, but history has shown that this meets with little success and is less effective than strengthening defenses. --Michael Dillon