Date: Sun, 04 Feb 2001 08:46:21 -0700 From: Brett Glass <brett@lariat.org> To: Rahul Siddharthan <rsidd@physics.iisc.ernet.in> Cc: freebsd-chat@FreeBSD.ORG, deraadt@cvs.openbsd.org Subject: Re: UNIX-like approach to software and system architecture (Was: D J Bernstein) Message-ID: <4.3.2.7.2.20010204083825.049e1e70@localhost> In-Reply-To: <20010204162732.A50591@lpt.ens.fr> References: <4.3.2.7.2.20010204080917.049ecca0@localhost> <20010203135902.M94275@lpt.ens.fr> <200102022245.PAA15968@usr08.primenet.com> <20010202140505.B91552@dogma.freebsd-uk.eu.org> <200102022245.PAA15968@usr08.primenet.com> <4.3.2.7.2.20010203110403.048e78e0@localhost> <4.3.2.7.2.20010204080917.049ecca0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:27 AM 2/4/2001, Rahul Siddharthan wrote: >I believe OpenBSD avoided the recent BIND bug, but they still bundle >their version of BIND 4.x because they aren't satisfied about the >security of later versions. I still run BIND 4.x for that very reason. I've never really trusted BIND 8. The only major feature that 4.x lacks from a security perspective is the ability to prevent zone transfers to unauthorized parties, and this can be done (albeit crudely) at the firewall. So I do it there. >Do they plan to work on a BIND >substitute, or pick up djbdns? Good question! It would be consistent with their philosophy to do so. What's more, perhaps Theo could convince djb to agree to relicense under a BSD-type license, so that OpenBSD and others could conduct ongoing code audits as new types of security exploits were discovered. This would be a boon not only to OpenBSD but to everyone. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20010204083825.049e1e70>