From owner-freebsd-security  Tue May 16  5:22: 4 2000
Delivered-To: freebsd-security@freebsd.org
Received: from closed-networks.com (closed-networks.com [195.153.248.242])
	by hub.freebsd.org (Postfix) with SMTP id 42D2737B700
	for <freebsd-security@freebsd.org>; Tue, 16 May 2000 05:22:00 -0700 (PDT)
	(envelope-from udp@closed-networks.com)
Received: (qmail 7455 invoked by uid 1021); 16 May 2000 12:26:21 -0000
Date: Tue, 16 May 2000 13:25:31 +0100
From: User Datagram Protocol <udp@closed-networks.com>
To: Stuart Henderson <stuart@eclipse.net.uk>
Subject: Re: pid file for named
Message-ID: <20000516132531.M2139@closed-networks.com>
Reply-To: User Datagram Protocol <udp@closed-networks.com>
References: <Pine.BSF.4.21.0005160634430.21765-100000@srh0902.urh.uiuc.edu> <20000516131606.C16398@naiad.eclipse.net.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <20000516131606.C16398@naiad.eclipse.net.uk>; from stuart@eclipse.net.uk on Tue, May 16, 2000 at 01:16:06PM +0100
X-Echelon: MI6 Cobra GCHQ Panavia MI5 Timberline IRA NSA Mossad CIA Copperhead
Organization: Closed Networks Limited, London, UK
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, May 16, 2000 at 01:16:06PM +0100, Stuart Henderson wrote:
> On Tue, May 16, 2000 at 06:48:05AM -0500, Frank Tobin wrote:
> > One often wishes to run daemons such as named under other users, e.g.,
> > bind:bind.  In order to allow bind to write out zones and associated fun
> > stuff correctly, one then does a
> 
> For dns, surely djb's servers are a better choice where
> security is a priority?
> 

I have no firm figures, just subjective time perception, but a box 
running djb's dnscache seemed a heck of a lot slower than another box
running regular BIND at doing reverse lookups...

The machines are both running 4.0-RELEASE and are of comparable spec.

-- 
Bruce M. Simpson aka 'udp'       Security Analyst & UNIX Development Engineer
                                            WWW: www.closed-networks.com/~udp 
Dundee                                             www.packetfactory.net/~udp
United Kingdom                            email:      udp@closed-networks.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message