On Tue, Aug 15, 2000 at 12:34:44PM -0700, Pete Naylor wrote:
> 
> Thor Lancelot Simon wrote...
> 
> > > (as you can
> > > tell, I'm not of the opinion that more daemons equates to more security).
> > 
> > Improved modularity of code generally leads to more security when it
> > assists in isolating and minimizing security-critical sections. 
> 
> That's a nice theory.

One which is adhered to by most of the most eminent experts in the field.

If you want to convince me otherwise, you won't do so by snipping my
discussion of the difficulty of analyzing security-critical sections so
that you can detetmine whether or not a program as a whole is secure.  No
isolation of such sections means that the program essentially can't be
analyzed, and you lose.

I'm also not inclined to listen to you because:

A) You're obviously raving.  If you were a little less hopping-up-and-down
   mad about this issue, your point might get across better.  I am not
   inclined to waste more time discussing this with you if you are interested
   solely in characterizing decisions which were actually made after quite a
   bit of discussion among the developers as "the selfish desires of a few
   Postfix fans".

B) You *entirely* miss the point of the licensing issue -- we do our very
   best to ensure that binary-only NetBSD systems can be built, run, and
   be useful with no, or a minimum, of code that requires source disclosure.
   By and large, we succeed at this goal -- most GPL'ed code is confined to
   the toolchain, and those shipping embedded systems don't usually need to
   put a compiler on every customer's box, for example.

C) You're presuming to lecture me about security when you evidently don't
   even know that OpenSSH *is* one of the direct descendants of the Ylonen
   SSH code, and that it's overall structure remains almost exactly the same.

Thor