[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Web sites compromised by IIS attack
- To: Denis Dimick <denis@xxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Web sites compromised by IIS attack
- From: Barry Fitzgerald <bkfsec@xxxxxxxxxxxxxxxx>
- Date: Fri, 02 Jul 2004 10:01:33 -0400
Denis Dimick wrote:
Barry,
I have to agree with you one once a company changes the code then they own
it. However wrapping the same old software in an RPM to me does not change
it enough to have "someone" else own the code.
Per the Free Software model it does. The key point here is that Red Hat
is redistributing the code and making a profit off of it. It's Red
Hat's choice regarding whether to redistribute said code. Since they're
making the money off of it, they have to support it.
I do find it "funny" that sendmail and BIND have been thrown out in the
e-mails (don't think it was you) But these two applications are some of
the most buggy bits of code ever written.
There are far better aplications out there if someone want to run a mail
or dns server if you ask me.
Sendmail and Bind have been riddled with bugs, this is true, but I don't
know if I'd label them some of the most buggy bits of code ever written. :)
But, as you said, there are far better choices out there -- and Red Hat
(hypothetically speaking, of course) has the choice to distribute those
instead of sendmail/bind.
-Barry
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html