Date: Thu, 17 Feb 2000 06:02:53 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Brett Glass <brett@lariat.org> Cc: Wes Peters <wes@softweyr.com>, Richard Wackerbarth <rkw@dataplex.net>, Warner Losh <imp@village.org>, freebsd-security@FreeBSD.ORG Subject: Re: Why should I upgrade from 2.2.8 to 3.4 Message-ID: <200002171403.GAA81839@cwsys.cwsent.com> In-Reply-To: Your message of "Wed, 16 Feb 2000 13:12:53 MST." <4.2.2.20000216131102.04308c80@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <4.2.2.20000216131102.04308c80@localhost>, Brett Glass
writes:
> At 11:12 AM 2/16/2000 , Wes Peters wrote:
>
> >And this coming from the 2.x "keeper of the flame." Yes, 2.2.8 should carry
> >a warning label of some sort.
>
> On the other hand, some things in 2.2.8 were actually more secure than
> later versions. When the ADMROCKS exploit got out, I discovered that the
> BIND that shipped with 2.2.8 wasn't susceptible. Systems with newer versions
> of BIND were.
Yes but BIND 4 has even more security holes than BIND 8. If I had to
run 2.2.8 and BIND, I'd install BIND 8 and run it in a jail under a
non-privileged account.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Team Leader, Sun/DEC Team Internet: Cy.Schubert@uumail.gov.bc.ca
UNIX Group, ITSD, ISTA
Province of BC
"COBOL IS A WASTE OF CARDS."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200002171403.GAA81839>