Date: Mon, 8 Feb 1999 18:08:53 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Steve Kargl <sgk@troutmask.apl.washington.edu> Cc: myke@ees.com (Mike Holling), des@flood.ping.uio.no, jabley@clear.co.nz, obrien@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: adding DHCP client to src/contrib/ Message-ID: <199902090208.SAA12073@apollo.backplane.com> References: <199902090202.SAA64401@troutmask.apl.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
:Mike Holling wrote:
:
:It will probably go into /sbin, /bin, or /stand. These are statically
:linked exacutables.
:
:> I built a static version of the WIDE client and server, both were only
:> around 140K. What's the problem? It's not like putting emacs in the base
:> install or anything. I still run FreeBSD on a 386/40 with a 40M MFM main
:> drive, and even so I'm not worried about the "bloat" of adding DHCP. Lots
:
:Bloat by any other name is still bloat.
:
:> Windows comes with DHCP. Heck, even my old Mac IIci running System 7.5.5
:> comes with DHCP. It's small and increasingly useful, why not make it part
:> of the base distribution? Or would you rather have FreeBSD be like
:> RedHat, where you have to install an RPM for just about everything?
:
:Where do you draw the line on the base system? Security is
:important so add tcp_wrappers? More and more documentation is released
:in html, so add apache?
:
:Once something is added to the base distribution, it seldomly
:gets removed?
:
:--
:Steve
I think what goes into the base distribution depends on where we
think TheRestOfTheWorld is heading. dhcpd use has exploded in
recent years and it is unlikely to go away for a long, long time.
dhcpd also supports traditional bootp protocols such as those used
by BOOTP kernels. I think it would be an excellent addition to our
base system.
However, someone needs to do a serious security check on it. I
did a quick once-over of the code a few months ago and its security
is extremely poor. For example, I had to commit some fairly
serious bounds checking to dhcpd's ( I forget which version ) DNS
resolution routines. Without a security audit, enabling the thing
by default is just asking to get hacked.
-Matt
Matthew Dillon
<dillon@backplane.com>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199902090208.SAA12073>