It seems several smoothwall developers have developed an attitude towards accepting criticizm from other security professionals and don't feel this is an issue that deserves their attention. The issue escalated when the lead person responsible for the project called it "Trench Warfare." It seems he doesn't take criticism too well? Is the state of the project in jeopardy? Is there a battle going on between the people developing the project and attitude towards their users? Are there other security holes that aren't being fixed?
Users interested in a system not succeptible to this security vulnerability might try Slackware. Users interested in a web-managable secure solution might try EnGarde.
Update 13:49 EST - Richard Morell, smoothwall project founder, responded to LinuxSecurity.com with the following email. It certainly wasn't our intention to mislead. We report, you decide. There is also a page on their site now that provides their perspective.
Subject: Factual reporting of the article you posted Date: Fri, 18 Jan 2002 17:13:49 +0000 From: Richard MorrellTo: dave@linuxsecurity.com Dave, I really really really wish a site of the standing of Linux Security would check its sources. Its really appalling. You've made sweeping statements about our project that if you please fix then I'd be grateful. Juergen Schmidt is a noise, an unpleasant but effective noise, a radical without a cause - he loves stirring it - can't write effective journalism and hates being made to look what he is - half witted and unable to do basic research at shell level. Lawrence Manning the code leader behind SmoothWall responded to Juergen throughout but Juergen forgot to mention that we twice made him look a dork by finding flaws in his research, your article today made us look like we don't care when we do and we work long hours so please correct this once you've read Lawrences OWN response. Richard Morrell Project Manager, Founder AND FUNDER
The link for this article located at SecurityFocus is no longer available.