Security lessons from Qmail

Qmail is a secure alternative to Sendmail. This paper summarizes some lessons learned from 10 years of development.

  • Eliminate bugs: duh!
  • Eliminate code: less code probably means fewer bugs.
  • Eliminate trusted code: Run most of your code in a tight, secure runtime environment (i.e. .NET with limited CAS). Concentrate bug fixing effort on that tiny little bit of code that still needs to be trusted.
  • Don’t just chase attackers: Most security work is patching holes found by attackers. These are merely symptoms of insecure code. In addition, devs must focus on the root cause of these security holes.
  • Minimizing privileges doesn’t solve the problem: Work on fixing bugs, not just minimizing damage when bugs are exploited.
  • Don’t obsess about performance: A small slowdown is better than insecure software

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s