True that. The "they" referred to below is one man, DJ Bernstein. Check out his papers [http://cr.yp.to/papers.html] alone and you'll see how hard core he is. This is a dude so paranoid he avoids linking against standard C libraries. For insantce, see http://cr.yp.to/qmail/guarantee.html , in the section "Why is qmail secure?". And yes, qmail is spelled with a lower-case q. :) kw ----- Original Message ----- From: "Jae" <jgangemi@pwebtech.com> To: "Suse-Security Mailinglist" <suse-security@suse.com> Sent: 28 June 2000, Wednesday 13:23 Subject: Re: [suse-security] wuftpd On Wed, 28 Jun 2000, Kurt Seifried wrote:

Heck, I could start poking at Qmail/etc, fact is ProFTPD is a lot cleaner, they did a code audit, it hasn't had any problems this year..... (knock on wood).

umm, not to start a flamewar, but what can you say about qmail? they claim themselves to be very secure, and back it up by offering $1000 dollars if you can hack it and get root. umm - actually - i stand corrected, the challenge is over and no one claimed the prize - but stil. they offered some pretty strong backing that they produced a secure product, and i have yet to see any reports on insecurities in it. if you've found one, please pass it along, as i'd be very interested to read about it. -Jae ** The mouse said,"can i take the day off?" and the lion responded "No, for you will be my after lunch snack" <crunch> - Anonymous --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com