GRR!! Very annoying when trying to write code for both win32 and *nix.
So fix it...
#ifdef WIN32
/* MSVC's name for it; unlike C99 snprintf, _snprintf does not NUL-terminate on truncation */
#define snprintf _snprintf
#endif
Or get the free Borland compiler.
No more 25-in-one, 50-in-one, 75-in-one, or (the holy grail), the 150-in-one Electronic Project Kit.
They still sell them, though they are not nearly as good as the ones sold ten years ago (I had one then).
Let me guess... the other 55% is porn?
Restart qmail your favorite way.
You don't need to restart qmail-send. qmail-remote is invoked every time a remote message is to be sent, and will read smtproutes at that time.
You can check with qmail-showctl to see if it worked.
qmail-showctl simply displays the contents of all the control files in a human readable format. To see if it works, you need to send a test message.
That film is great. Is it available anywhere for download?
Nevermind, I found it here: http://www.chryslermdff.com/parlor.asp?loadMovie=
I'm sure I don't need to point out that short film - "The Parlor"
once you cross the door you are in a workplace and can't just get up and fix yourself a sandwich whenever you feel like
:)
Why not? Everyone at the office here does that
2. Migrate to MySQL (or other free DB) back-end with Access front-end:
You will have to figure out who maintains the server setup. Access does not like to migrate to non MS databases, and you may have to totally redo the db structure and Access front-end.
Actually, it's very easy to migrate Access to MySQL. Install the MySQL ODBC driver, then import the database and data into MySQL. You can then use Access as the frontend to the MySQL ODBC data source.
Monolithic, buggy programs like sendmail will always be a security nightmare. That doesn't mean that secure code can't be written in C. qmail, for example, is completely secure. If more programmers followed good coding practices, we would see fewer security disasters. A good start would be to stop using C strings and to start using the stralloc concept.
I wonder about some of the original duke3d bugs too. Nothing worse than just about fragging somebody in deathmatch only to get munched by a closing door...
Hmm, I always considered that a feature.
BSD is getting closer to a 5.0 release!
Yes, if by closer you mean released two and a half months ago.
But, and correct me if I'm wrong electrum, we showed the original author this and he liked the DirectX version, did he ever see the linux port?
Yeah, I remember Rusty saying he showed it to Ken Silverman. I don't know about the Linux port.
Actually, one of my friends started that about three years ago. See my other post about it or grab it here: http://david.acz.org/duke/
About three years ago, a friend of mine, Rusty Wagner, decided it would be cool to have a version of Duke 3D that worked in Windows. Rusty already had a game engine that he'd been writing, so he modified it to load the Duke 3D maps. He also added menus, a console and some other cool stuff. The result is actually quite good. Duke 3D maps look very nice when rendered using OpenGL or Direct3D.
You can grab the source code with precompiled duke.exe or view some screen shots.
Someone at his school found the source and ported it to SDL: http://openduke.sourceforge.net/
Unfortunately, the project never went anywhere, but there is still a lot of useful code there.
True or false? -- It's illegal for me to modify the source code and redistribute the modified version.
How does this negatively affect your usage of the software?
True or false? -- Qmail complies with OSI's open source definition [opensource.org].
How does what OSI thinks negatively affect your usage of the software?
(I have at least a dozen machines running qmail. These magic problems don't affect me or anyone else I know that runs qmail. Yahoo! runs qmail. It doesn't seem to affect them either.)
Not only is this code ripe with pointer arithmetic and unchecked (locally) array bounds access, it even says right in it, "XXX overflow?" -- in other words, the author isn't even sure that what he's doing is correct. If the author's not sure, I don't see how it is "easy" to see that this code is secure.
I'd like to know where these "unchecked" array accesses are at in that code. I sure don't see any. You aren't understanding that comment. pos is a file offset, not a pointer. And that code is only used by qmail-newu, which is run locally by the admin to regenerate the users/assign database. Try looking at some other code, such as qmail-smtpd.c.
I was actually pretty surprised by the code (looking at a few files after that, I don't see any different) in qmail. Though I would believe that qmail is written by an expert C hacker who is paranoid about security, I don't think there is anything special about the code other than that that gives it extra security. Do you have any particular insight that I'm missing?
You must not be familiar with C. Did you not notice the lack of standard string routines? See this page for a list of reasons why qmail is secure.
Qmail isn't free-as-in-speech. It has some goofy license that doesn't allow redistribution of modified sources. In other words, you can't fork it. This is such a drastic deviation from the way the world of open-source software normally works that it really gives me doubts about using the software.
Nice troll. qmail has no license. Thus, you are only restricted by copyright law. You are free to install and use the software. You are also free to distribute patches. How does this negatively affect your usage of the software?
On my FreeBSD server, installing qmail would apparently require a reboot (because of daemontools). Holy cow -- what is this, Windows? Since when does installing Unix software require you to reboot your server??
Wrong:
# cd /usr/ports/sysutils/daemontools
# make install clean
# mkdir /var/service
# ln -s /var/service /service
# cd /usr/local/share/examples/daemontools
# cp svscan.sh.sample /usr/local/etc/rc.d/svscan.sh
# chmod +x /usr/local/etc/rc.d/svscan.sh
# /usr/local/etc/rc.d/svscan.sh start
Can't get any response from the cr.yp.to server when I try to download ucspi-tcp, which is another package that qmail depends on.
He lists all network outages on the front page of the server. I don't see any listed for the last four months. Perhaps you should try again.
As a fall through address is something that is basically a method to deliver mail, how can a popper do this at all?
:}
Mail comes into your MTA, not your popper
(I think I'm just misunderstanding)
You are misunderstanding. vpopmail is a virtual domain manager for qmail.
Qmail ONLY works with procmail. It requires procmail for local delivery.
Wrong. qmail can use procmail to deliver to /var/mail. It can natively deliver to mbox or the much superior Maildir.
What's worse is that there might be Qmail related exploits around that we are not aware of. Surely the blackhats will not disclose those bugs and we will probably never hear about it from them. If an MTA has a "flawless" security record, I'd be worried. Has anyone ever properly audited the Qmail code, besides DJB? It's kinda like claiming you've never been broken into. It might just be the case that you have had an intrusion, but you never noticed.
qmail has no security holes. Hundreds, if not thousands, of people have read the source code. Many people hate DJB and would love to find a security hole in his software. No one has found any.
Instead of making wild claims about nonexistent security holes that no one knows about, why don't you read the source code yourself and find out why it is secure?
While that is also what I see, I wonder why they never use more than one proxy? Don't they think they could hide their true identity better by using multiple proxies?
Because open proxies are usually slow.
The problem with PHP isn't stability, it's a bogus security model that makes it unusable on massively multi-user systems.
That is an Apache shortcoming, not PHP. Any other programming language will have the exact same problem, unless the entire program runs in a secure virtual machine.
Well, it's true that they have no known buffer overflow-style bugs--brute force can occasionally work.
They have no bugs of that nature due to the way they are written. If you read the source, it's easy to see why they are secure. They don't use static buffers and all network input is checked.
Most security problems with C code stem from the use of the standard C library. Dan doesn't use it. His C library makes it much easier to write secure code. If everyone writing C ditched the standard C library, we would see fewer security related bugs.
See this page for an explanation of why qmail is secure: http://cr.yp.to/qmail/guarantee.html
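An added illustration of the two properties named in the comments above (no static buffers, lengths carried explicitly instead of C strings); it is not code from qmail or from any poster. The names gbuf, gbuf_append and gbuf_free are hypothetical, and the SMTP line in main is constructed sample input.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical type: pointer + length + capacity, in the spirit of the
   stralloc idea mentioned above; not copied from qmail. */
typedef struct {
    char  *s;    /* heap data, not NUL-terminated */
    size_t len;  /* bytes in use */
    size_t cap;  /* bytes allocated */
} gbuf;

/* Make room for `extra` more bytes. Returns 1 on success, 0 on failure. */
static int gbuf_reserve(gbuf *b, size_t extra) {
    if (extra > SIZE_MAX - b->len) return 0;   /* len + extra would wrap */
    size_t need = b->len + extra;
    if (need <= b->cap) return 1;
    size_t ncap = b->cap ? b->cap : 32;
    while (ncap < need)
        ncap = (ncap > SIZE_MAX / 2) ? need : ncap * 2;
    char *p = realloc(b->s, ncap);
    if (!p) return 0;                          /* old buffer is still valid */
    b->s = p;
    b->cap = ncap;
    return 1;
}

/* Append n bytes; the length is passed in, never found by scanning for NUL. */
int gbuf_append(gbuf *b, const void *src, size_t n) {
    if (!gbuf_reserve(b, n)) return 0;
    if (n) memcpy(b->s + b->len, src, n);
    b->len += n;
    return 1;
}

/* Release the storage and reset the fields so a repeated call is harmless. */
void gbuf_free(gbuf *b) {
    free(b->s);
    b->s = NULL;
    b->len = b->cap = 0;
}

int main(void) {
    gbuf line = {0};                           /* constructed sample input */
    int ok = gbuf_append(&line, "MAIL FROM:<", 11)
          && gbuf_append(&line, "user@example.org>", 17);
    ok = ok && line.len == 28;
    gbuf_free(&line);
    return ok ? 0 : 1;
}
```

Because the buffer grows on demand and every write goes through the size check, oversized or NUL-containing network input either fits or is rejected; it never runs past a fixed array.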
Where do I get my C web server
http://cr.yp.to/publicfile.html
Wrong, try this:
#include <stdlib.h>

/* Free *ptr and clear it, so a second call becomes a harmless free(NULL). */
void mfree(void **ptr) {
    free(*ptr);
    *ptr = NULL;
}
The behavior of free() on NULL pointers is specified by ISO C and POSIX.
You're right, C or C++ code with explicit memory allocation still makes it too easy to code double-free bugs.
Not really. There is a simple way to avoid freeing something twice: set the pointer to NULL after it has been freed. Both free() and delete take no action if the pointer is NULL.