From owner-freebsd-chat Sun Feb 4 7:46:59 2001 Delivered-To: freebsd-chat@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id B08B137B401 for ; Sun, 4 Feb 2001 07:46:40 -0800 (PST) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id IAA01786; Sun, 4 Feb 2001 08:46:27 -0700 (MST) Message-Id: <4.3.2.7.2.20010204083825.049e1e70@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Sun, 04 Feb 2001 08:46:21 -0700 To: Rahul Siddharthan From: Brett Glass Subject: Re: UNIX-like approach to software and system architecture (Was: D J Bernstein) Cc: freebsd-chat@FreeBSD.ORG, deraadt@cvs.openbsd.org In-Reply-To: <20010204162732.A50591@lpt.ens.fr> References: <4.3.2.7.2.20010204080917.049ecca0@localhost> <20010203135902.M94275@lpt.ens.fr> <200102022245.PAA15968@usr08.primenet.com> <20010202140505.B91552@dogma.freebsd-uk.eu.org> <200102022245.PAA15968@usr08.primenet.com> <4.3.2.7.2.20010203110403.048e78e0@localhost> <4.3.2.7.2.20010204080917.049ecca0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 08:27 AM 2/4/2001, Rahul Siddharthan wrote: >I believe OpenBSD avoided the recent BIND bug, but they still bundle >their version of BIND 4.x because they aren't satisfied about the >security of later versions. I still run BIND 4.x for that very reason. I've never really trusted BIND 8. The only major feature that 4.x lacks from a security perspective is the ability to prevent zone transfers to unauthorized parties, and this can be done (albeit crudely) at the firewall. So I do it there. >Do they plan to work on a BIND >substitute, or pick up djbdns? Good question! It would be consistent with their philosophy to do so. What's more, perhaps Theo could convince djb to agree to relicense under a BSD-type license, so that OpenBSD and others could conduct ongoing code audits as new types of security exploits were discovered. This would be a boon not only to OpenBSD but to everyone. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message