From owner-freebsd-hackers  Wed Jul 24 22:53:32 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 742A837B400
	for <freebsd-hackers@FreeBSD.ORG>; Wed, 24 Jul 2002 22:53:28 -0700 (PDT)
Received: from ns.aus.com (adsl-66-127-240-180.dsl.sntc01.pacbell.net [66.127.240.180])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C0EA043E5E
	for <freebsd-hackers@FreeBSD.ORG>; Wed, 24 Jul 2002 22:53:27 -0700 (PDT)
	(envelope-from rsharpe@ns.aus.com)
Received: from localhost (rsharpe@localhost)
	by ns.aus.com (8.11.6/8.11.6) with ESMTP id g6P75wV12288;
	Thu, 25 Jul 2002 16:35:58 +0930
Date: Thu, 25 Jul 2002 16:35:58 +0930 (CST)
From: Richard Sharpe <rsharpe@ns.aus.com>
To: Terry Lambert <tlambert2@mindspring.com>
Cc: Paul Khavkine <paul@colba.net>, Peter Wemm <peter@wemm.org>,
	<freebsd-hackers@FreeBSD.ORG>
Subject: Re: Name service switch
In-Reply-To: <3D3F47A0.91239B47@mindspring.com>
Message-ID: <Pine.LNX.4.33.0207251635280.5810-100000@ns.aus.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Wed, 24 Jul 2002, Terry Lambert wrote:

> Paul Khavkine wrote:
> > Well the one we have in -CURRENT lacks dynamic module support (as does IRS).
> > 
> > I just wanted to know if there was any issues for not implementing IRS
> > before ?
> 
> The BIND IRS implementation depends on use of the BIND resolver
> library.  In FreeBSD, the resolver library is integrated into
> libc, so upgrading it is very, very hard compared to what it
> would be if it were boken out into a seperate libresolv.
> 
> The use of loadable modules has two problems; the first is that
> it requires that binaries be dynamically, not statically linked,
> because FreeBSD does not support a static "libdlopen" because of
> how symbol lookups are wedged for things like a NULL parameter,
> and importing of main object symbols by loaded modules (in fact,
> the ELF standard was never intended to support static linking),
> and some programs can not be dynamically linked (anything run
> before /usr is mounted to get lib and libexec).  The second is
> that dynamic linking and modules themselves open you up to
> security exploits based on inherent flaws in the idea in a
> hostile implementation environment.

Hmmm, so what you are telling me is that winbindd will not work on FreeBSD 
even under 5.0?
 
> If you want to find an IRS patch set for FreeBSD, serach for
> the terms "irs" "nss" "ldap", and it will be in the top 5 or
> so.
> 
> -- Terry
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
> 

-- 
Regards
-----
Richard Sharpe, rsharpe@ns.aus.com, rsharpe@samba.org, 
sharpe@ethereal.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message