Re: [suse-security] ProFTPD Configuration Problem

On Fri, Feb 06, 2004 at 02:21:45PM +0300, Boris B. Zhmurov wrote:
> Markus Gaugusch wrote:
> | Comparing the complexity of the kernel with a simple thing like an FTP
> | daemon is not really what I call good argumentation ...
> Ok, apache vs proftpd, or sendmail vs proftpd, or pptpd vs proftpd, or
> mysql vs proftpd, or named vs proftpd?
> Is that argumentation? :)

Look, there are replacement ftp servers for proftpd with which you don't lose
that much. Thus intensive efforts by the security team are not worth making
for that product.

This does not apply to the other products:

- apache is _the_ web server

- sendmail could be replaced in principle, and has been as the default MTA, but
  it is a standard implementation that many people want to have

- pptpd does not have the flaw in the implementation, but in the protocol; if
  someone wants or must use that protocol for some reason, he has to live with
  the problems, no replacement available

- databases are _too_ different to easily replace mysql with alternatives, and
  btw. the alternatives most likely have similar problems

- named, like apache, is _the_ standard product in its field


