From owner-freebsd-stable Sat May 4 18:18: 2 2002 Delivered-To: freebsd-stable@freebsd.org Received: from 12-234-22-238.client.attbi.com (12-234-90-219.client.attbi.com [12.234.90.219]) by hub.freebsd.org (Postfix) with ESMTP id 3628737B404 for ; Sat, 4 May 2002 18:17:59 -0700 (PDT) Received: from master.gorean.org (master.gorean.org [10.0.0.2]) by 12-234-22-238.client.attbi.com (8.12.3/8.12.3) with ESMTP id g451HrPp089865; Sat, 4 May 2002 18:17:53 -0700 (PDT) (envelope-from DougB@FreeBSD.org) Received: from localhost (doug@localhost) by master.gorean.org (8.12.3/8.12.3/Submit) with ESMTP id g451HnBu004724; Sat, 4 May 2002 18:17:49 -0700 (PDT) Date: Sat, 4 May 2002 18:17:49 -0700 (PDT) From: Doug Barton To: Joe Abley Cc: chris@aims.com.au, , Subject: Re: Why won't bind 8.2.4-REL run properly as user bind (4.5-REL-p3) not chrooted ? In-Reply-To: <20020505005419.GB55915@buffoon.automagic.org> Message-ID: <20020504181349.M378-100000@master.gorean.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, 4 May 2002, Joe Abley wrote: > On Sat, May 04, 2002 at 02:16:07PM -0700, Doug Barton wrote: > > On Wed, 1 May 2002, Joe Abley wrote: > > > > > I think 8.3.1 should be rolled into RELENG_4_5, since it specifically > > > contains security fixes over 8.2.4. > > > > Users who depend on BIND can install a newer version from the > > ports. Users who don't are not affected by the problems in 8.2.4. > > That reasoning would make sense if bind was not included in the base > system. Users can easily upgrade bind with a port, and easily back out the upgrade if they decide it doesn't suit their needs. The same is not true of other essential parts of the base system, which is why the security branches were created. If, on the other hand, there were known, exploitable bugs in the version of named in RELENG_4_5, I'd say yes, upgrading it in that branch might be worth consideration. However, in this case we're talking about "best practices," as opposed to "known security vulnerabilities." -- "We have known freedom's price. We have shown freedom's power. And in this great conflict, ... we will see freedom's victory." - George W. Bush, President of the United States State of the Union, January 28, 2002 Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message