From owner-freebsd-stable Sun Nov 24 14:36:37 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF4EA37B401 for ; Sun, 24 Nov 2002 14:36:35 -0800 (PST) Received: from smtp.netcologne.de (smtp.netcologne.de [194.8.194.112]) by mx1.FreeBSD.org (Postfix) with ESMTP id F2F8E43E6E for ; Sun, 24 Nov 2002 14:36:34 -0800 (PST) (envelope-from tmseck-lists@netcologne.de) Received: from mail.tmseck.homedns.org (xdsl-213-168-117-3.netcologne.de [213.168.117.3]) by smtp.netcologne.de (Postfix) with ESMTP id 2B92D8677F for ; Sun, 24 Nov 2002 23:36:29 +0100 (MET) Received: by mail.tmseck.homedns.org (Postfix, from userid 1001) id E9B8A286C1; Sun, 24 Nov 2002 23:36:27 +0100 (CET) Date: Sun, 24 Nov 2002 23:36:27 +0100 From: Thomas Seck To: stable@freebsd.org Subject: Re: named.root Message-ID: <20021124223627.GA452@laurel.tmseck.homedns.org> Mail-Followup-To: stable@freebsd.org References: <20021121204315.707455D04@ptavv.es.net> <3DDDD74D.F4BC206F@softweyr.com> <20021122162336.GA480@laurel.tmseck.homedns.org> <3DE02EFC.AB671666@softweyr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DE02EFC.AB671666@softweyr.com> User-Agent: Mutt/1.4i Organization: private site in Germany X-PGP-KeyID: DF46EE05 X-PGP-Fingerprint: A38F AE66 6B11 6EB9 5D1A B67D 2444 2FE1 DF46 EE05 X-Attribution: tms Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG * Wes Peters (wes@softweyr.com): > > On Fri, 22 Nov 2002, Thomas Seck wrote: > > > > > No one is kept from modifying his or her local copy of FreeBSD to suit > > > his resp. her needs. I do not think that Network Solutions will assign > > > 198.41.0.10 tomorrow to $evil_person for $most_evil_purpose but YMMV. > > > They are, of course, assuming they will be around to insure that for at > least 5 years. I'm not sure I agree with that assumption either. RELENG_4_x (x<=7) being the only "vulnerable" versions will not be around that long either unless installed and maintained by some really clueless person (who would not apply updates including updated root zone files anyway). > This update certainly didn't harm RELENG_4_7 in any way, why in hell are > you two still carping about it? I am not carping about anything. You are the one who is keeping this thread alive on -stable where it is absolutely off-topic. If you think this is a serious issue, discuss it either with security-officer@ or on freebsd-security. If I decide to run RELENG_-versions of FreeBSD (what I do) then I want the FreeBSD project to take care of problems with the _code_. What we see here is a problem with the _configuration_. Keeping the configuration up to date -- or "apply modifications" as I worded it in my first reply to you -- is the administrator's job. My original point - which you forgot to mention - is that the people who run third party DNS packages are even more "at risk". I did not see patches or updates for DNS ports because of the root zone change yet. Because of the ongoing off-topicness: EOD for me. --Thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message