From owner-cvs-all  Thu Aug 23 10:11:10 2001
Delivered-To: cvs-all@freebsd.org
Received: from niwun.pair.com (niwun.pair.com [209.68.2.70])
	by hub.freebsd.org (Postfix) with SMTP id 2B4A037B409
	for <cvs-all@FreeBSD.org>; Thu, 23 Aug 2001 10:11:03 -0700 (PDT)
	(envelope-from silby@silby.com)
Received: (qmail 40336 invoked by uid 3193); 23 Aug 2001 17:11:02 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 23 Aug 2001 17:11:02 -0000
Date: Thu, 23 Aug 2001 13:11:01 -0400 (EDT)
From: Mike Silbersack <silby@silby.com>
X-Sender:  <silby@niwun.pair.com>
To: Chris Dillon <cdillon@wolves.k12.mo.us>
Cc: Brian Somers <brian@Awfulhak.org>,
	"Andrey A. Chernov" <ache@nagual.pp.ru>,
	Jun Kuriyama <kuriyama@imgsrc.co.jp>, <cvs-committers@FreeBSD.org>,
	<cvs-all@FreeBSD.org>, <brian@freebsd-services.com>
Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist
 src/etc/namedb named.conf 
In-Reply-To: <Pine.BSF.4.32.0108231143390.75946-100000@mail.wolves.k12.mo.us>
Message-ID: <Pine.BSF.4.30.0108231307280.29579-100000@niwun.pair.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG


On Thu, 23 Aug 2001, Chris Dillon wrote:

> Yes, true.  In -CURRENT this won't be a big deal.  In -STABLE it is
> probably good enough that we have a note in defaults/rc.conf that
> named can be run in a sandbox.  It doesn't really motivate one to do
> so, though.  Maybe instead of saying "it may be possible to run named
> in a sandbox" we could be a little more assertive and say "it would be
> a REALLY good idea if you ran named in a sandbox".

Well, the difference is this.

If the default behavior is changed, and an entry is added to UPDATING /
the release notes, a few modem users will be annoyed.  They will get over
it quickly.

If the default behavior is not changed, and another hole is found in BIND,
thousands of boxes will be easily rootable.  At this point in time, the
many users of BIND will not be really happy when the advisory says "We
told you to sandbox it in rc.conf!"

So, the question in my mind isn't whether this change will break modem
users; that's easy enough to fix and has a minimal impact.  The question
is:  will enabling sandboxing potentially break systems which act as
secondaries when they try to grab updated zones?  _That_ would be a
serious problem.

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message