Coming back to the topic of computer security, the TCP Wrapper is an example of such a safety net. I wrote it when my systems were under attack by someone who appeared to walk through walls.

About Wietse Venema

Wietse Zweitze Venemais a Dutch programmer and physicist best known for writing the Postfix email system. He also wrote TCP Wrapper and collaborated with Dan Farmer to produce the computer security tools SATAN and The Coroner’s Toolkit.

More about the author

More quotes from Wietse Venema

Adding functionality is not just a matter of adding code.

Wietse Venema

Dutch computer scientist

Defect-free software does not exist.

Wietse Venema

Dutch computer scientist

However, writing software without defects is not sufficient. In my experience, it is at least as difficult to write software that is safe – that is, software that behaves reasonably under adverse conditions.

Wietse Venema

Dutch computer scientist

Like all software, Qmail can survive only when it keeps up with changing requirements.

Wietse Venema

Dutch computer scientist

The challenge with Postfix, or with any piece of software, is to update software without introducing problems.

Wietse Venema

Dutch computer scientist

As of today, the Postfix mail transport agent has almost 50,000 lines of code, comments not included.

Wietse Venema

Dutch computer scientist

Windows favors multi-threading, which means that a service is implemented by one single process.

Wietse Venema

Dutch computer scientist

Most of the effort in the software business goes into the maintenance of code that already exists.

Wietse Venema

Dutch computer scientist

One bug in an SMTP server can open up the whole machine for intrusion.

Wietse Venema

Dutch computer scientist

Sure, but competition is good for the user.

Wietse Venema

Dutch computer scientist

Coming back to the topic of computer security, the TCP Wrapper is an example of such a safety net. I wrote it when my systems were under attack by someone who appeared to walk through walls.

Wietse Venema

Dutch computer scientist

Writing software that’s safe even in the presence of bugs makes the challenge even more interesting.

Wietse Venema

Dutch computer scientist

When I write software, I know that it will fail, either due to my own mistake, or due to some other cause.

Wietse Venema

Dutch computer scientist

At the time the Sendmail program had a very poor reputation with respect to security, with four root vulnerabilities per year for two successive years.

Wietse Venema

Dutch computer scientist

The Postfix security model is based on keeping software simple and stupid.

Wietse Venema

Dutch computer scientist

I don’t expect an overnight change of all desktops to what the US Military used to call B3 level security. And even that would not stop users from shooting themselves into the foot.

Wietse Venema

Dutch computer scientist

Qmail out of the box works fine, so people will want to use it regardless of licensing restrictions, even when the software does not ship with their system software.

Wietse Venema

Dutch computer scientist

In a previous life I wrote the software that controlled my physics experiments. That software had to deal with all kinds of possible failures in equipment. That is probably where I learned to rely on multiple safety nets inside and around my systems.

Wietse Venema

Dutch computer scientist

My reply is: the software has no known bugs, therefore it has not been updated.

Wietse Venema

Dutch computer scientist

I was going to visit IBM for six months as a visiting scientist. Now, six months is a lot of time, so I came with a whole list of projects that I might want to work on.

Wietse Venema

Dutch computer scientist

For many people my software is something that you install and forget. I like to keep it that way.

Wietse Venema

Dutch computer scientist

Postfix keeps running even if one Postfix process dies; Windows requires that someone restarts the service.

Wietse Venema

Dutch computer scientist

I want to avoid locking people into solutions that work only with Postfix. People should have a choice in what software they want to use with Postfix, be it anti-virus or otherwise.

Wietse Venema

Dutch computer scientist

This will surprise some of your readers, but my primary interest is not with computer security. I am primarily interested in writing software that works as intended.

Wietse Venema

Dutch computer scientist

Lack of documentation is becoming a problem for acceptance.

Wietse Venema

Dutch computer scientist