From owner-freebsd-questions@FreeBSD.ORG Wed Mar 18 15:32:20 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 753B479B for ; Wed, 18 Mar 2015 15:32:20 +0000 (UTC) Received: from mail-lb0-x22b.google.com (mail-lb0-x22b.google.com [IPv6:2a00:1450:4010:c04::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id EB95BC41 for ; Wed, 18 Mar 2015 15:32:19 +0000 (UTC) Received: by lbblx11 with SMTP id lx11so10267159lbb.3 for ; Wed, 18 Mar 2015 08:32:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=K3iQKOABtUuj6k4sF2w1l3mr+h5vihIQTqkcBQVslXE=; b=oNY+UBiIjuQOABem9eUDPJ/gCbph4kK3BJ3MbmZwBUtn/5s2eE5PRZJBUuJrYTAYpt 6czrubIdXINyVKdVi4ZZikbjIHXb50l+TBGKakkrqD/iRuz4x4TMHU3z/g8EchzVAUw7 oHgxge0+MTTncXMr/XiFupRJ0QyPctOVCJ7wMYmEgFEu362QtPyg7o0PLUmQO3jANA/M JMHNE/4hfag5T9JolcugNoHvjE9CMDQEeaEXm4kEGJKDybZXLGJKRgXN95Rghfy0XYRn NX/ShzZKoTuodRe7zT9BWUSNllXli4SHxIePp/Hk6RZfEjuN2dyM21LctVH8qcwDGmjf 3ZyA== MIME-Version: 1.0 X-Received: by 10.152.23.3 with SMTP id i3mr63243880laf.97.1426692738046; Wed, 18 Mar 2015 08:32:18 -0700 (PDT) Received: by 10.25.212.1 with HTTP; Wed, 18 Mar 2015 08:32:17 -0700 (PDT) In-Reply-To: <5508B8EB.3050907@gmail.com> References: <5508B8EB.3050907@gmail.com> Date: Wed, 18 Mar 2015 08:32:17 -0700 Message-ID: Subject: Re: FreeBSD recommends not using base unbound for an authoritative server From: Chris Stankevitz To: Jungle Boogie Content-Type: text/plain; charset=UTF-8 Cc: freebsd-questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Mar 2015 15:32:20 -0000 On Tue, Mar 17, 2015 at 4:29 PM, Jungle Boogie wrote: > I use unbound from base _only_ at home for recursive DNS stuff. If I were to > make it authoritative for a domain, I'd use ports or packages because they > are updated more frequently over what's it base. Mr. Boogie, Thank you for your reply. Are you referring to security? Is this the is a correct interpretation of what you are saying: "In general, the FreeBSD base software is untrustworthy because it is infrequently updated. Someone who is interested in security should avoid the FreeBSD base packages and use ports wherever possible." Thank you, Chris