Date: Sun, 20 Feb 2000 17:18:56 +0100 From: sthaug@nethelp.no To: zaks@prioris.im.pw.edu.pl, S.Zak@altkom.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: Why should I upgrade from 2.2.8 to 3.4 Message-ID: <42901.951063536@verdi.nethelp.no> In-Reply-To: Your message of "20 Feb 2000 12:16:20 %2B0100" References: <87g0uo5dkr-cos-mos@localhost.localnet>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Yes but BIND 4 has even more security holes than BIND 8. If I had to > > run 2.2.8 and BIND, I'd install BIND 8 and run it in a jail under a > > non-privileged account. > > Noone did serious security audit of BIND 8, so where do you get this > "news" from ?? BIND 4 was audited by the OpenBSD team and is shipped > with OpenBSD. I believe it does proper bound checking at least. There are enough *other* known errors in BIND 4.9.x (functional, may or may not be security related) that I certainly wouldn't want to return to using 4.9.x. Also, proper bounds checking alone (even if it certainly helps!) isn't enough for good security. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42901.951063536>