Re: Secure?

[Pedro Rosa <Pedro.Rosa@ksu.ru>]

Kurth Bemis wrote:

> isn't the point of NSA ESL to be secure?  If so why are you using 
> something that is buggier than netscape code??  I referring to 
> wu-FTP.  why not put efforts toward something that is already secure 
> (like OpenBSD)?  Is there some reason that i'm missing as to why you 
> choosing this route?
> 
> ~kurth
> 
> 
> -- 
> You have received this message because you are subscribed to the 
> selinux list.
> If you no longer wish to subscribe, send mail to 
> majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
> 
> 

Apart of that stupid OS-war call (I have nothing against OpenBSD and 
even use it in some servers btw), the question has some base... WuFTP 
has been plagued by bugs and security holes for quite long. And on the 
NSA's site this program has also the mark "untested". Frankly why to set 
efforts in a program that seems conceptually flawed? Or is there a 
"light in the end of the tunnel" for WuFTP's troubles? Shouldn't we 
consider other ftp daemons?  Or if we realise that FTP protocol is 
flawed from start, to choose other protocols?

Frankly I would like to see a more clear position about this question as 
the presence of WuFTP is probably the most questionable program in 
selinux. Not only in technical terms but also it arises questions in the 
concept itself.


Ektanoor


--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.