Re: We need a new subject- bug fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les Mikesell wrote:

OpenOffice is the particular thing I had in mind, but I suspect there are others. I'm not talking about additional packages - this is in reference to your comment about not deviating from upstream.

Again probably licensing reasons. I made no absolute statements that no packages ever deviate. I said that Fedora packages generally avoid patches and I stand by that.

3) Security. Daemons connecting to external ports by default is a bad idea. Well documented reasons. Configuration changes are easier to manage compared to other kind of patches too.

I suppose if you break a program's intended functionality there's not so much to maintain. That doesn't seem like a great thing to do, though, especially without providing an easy/obvious way undo it. In any case it is hard to imagine any 'upstream' version of sendmail ever delivered with that configuration

Perhaps you send to actually check instead of speculating what upstream does. Sendmail is enabled by default but not configured to connect to external ports in order to deliver local mail for root user but avoid the additional security issues with connecting to external ports by default. If there is a security hole in sendmail and it connects to external ports by default, it is remotely exploitable. If only connects to local host, then the security risk is lowered. I dont see how this is breaking any functionality since this is a well documented configuration change for security reasons. It is trivially easy to uncomment a line and configure sendmail to connect to external ports. What exactly are you suggesting?

Rahul


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux