
There was http://seclists.org/oss-sec/2015/q4/11

PS. Maybe that's one of the vulnerabilities mentioned in the report (1). Anyway, it's an argument for me to run Qmail/qpsmtpd instead.

(1) https://www.qualys.com/2015/10/02/opensmtpd-audit-report.txt




Yeah, those issues were found in the Qualys audit. They have been fixed so the codebase should only be stronger now.

I just wish we had something that wasn't written in C.


Try running any such program through Softbound + CETS or SAFEcode (already in LLVM). They turn C programs memory-safe. Should knock out most of your risk immediately with an acceptable performance hit unless your volume is really, really high. Code-Pointer Integrity at least protects control flow with a max of around 10% penalty. Given they're all alpha by a few developers, they need more people using them on various software and doing error reports if they fail.



