[lsb-discuss] Inclusion of sendmail and patch
taggart at carmen.fc.hp.com
Tue Feb 4 14:43:23 PST 2003
"Lee W" writes...
> Anyways, I am currently in the process of developing my own custom
> mini-distro for a specific project I am working on. However one of the
> key goals is that I want to ensure it complies with as many standards
> as possible (LSB, FSH etc), rather than these changes being made at a
> later date (like the majority of distros are now having to do). I feel
> it is also a good way to learn about Linux itself.
Sounds like a good plan.
> My queries at the moment relate to the inclusion of 2 particular
> commands/utilities, namely sendmail & patch.
> Can anyone expand on the rationale as to why sendmail is mandated by the
> On a minimal system you may not need the particular functionality of an
> MTA (or is it an MDA) or in the case of running sendmail (or equivalent)
> as a daemon a mail server.
The spec says that a command called sendmail should exist that obeys the
options list in the spec, and is available for applications that want to
be able to send mail. This
doesn't necessarily mean that *the* Sendmail(tm) is there and is open to
the world. Most MTAs provide a command "sendmail" that behaves like
Sendmail(tm). It is useful for LSB developers to be able to have their
applications send mail, without having to deliver their own MTA.
> Also surely including such a program could
> be a security risk.
Yes it could.
> Basic security principle includes only having the
> programs you require available on your system and no more don't they?
You could make that argument, but I think the value and low likelihood of
problem outweigh it. And having developers deliver their own MTA is
probably even worse.
> Crackers cannot exploit a program that does not exist, and sendmail
> doesn't have one of the best security records.
Again, spec doesn't specify Sendmail(tm) but a program called sendmail.
> Secondly, what is the reasoning behind including patch as a core
> I will fully admit to not having much knowledge on this point, but is it
> not primarily a tool used in development, such as applying updates to
> source code prior to recompilation (although I believe it can be used to
> modify script files as well)?
It's a tool for delivering updates to files, which developers might need to
do on a runtime system. There may be additional justification which I'm not
Does this help?
Matt Taggart Linux and Open Source Lab
taggart at fc.hp.com Hewlett-Packard