Eero Volotinen wrote:
How do you have a remote root exploit if you aren't running as root?
Ask the sendmail advisories for 8.12.x.
Wasn't the last bug found and fixed 5 or 6 years ago?
and still lots of more lurking in the dark corners of sendmail?
Probably not, or someone would have found them in the last five years.
At least I don't want to run software with poor security track on my public servers.
So you don't run the Linux kernel? Wade through the changelog sometime. Or BIND? it is unrealistic to think large software packages don't have bugs or that they won't be found and fixed over time.