Date: Wed, 31 Jan 2001 15:27:25 -0800 (PST) From: Matt Dillon <dillon@earth.backplane.com> To: Alfred Perlstein <bright@wintelcom.net> Cc: Brian Behlendorf <brian@collab.net>, Roman Shterenzon <roman@xpert.com>, freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-01:18.bind Message-ID: <200101312327.f0VNRPv20077@earth.backplane.com> References: <20010131140447.E26076@fw.wintelcom.net> <Pine.BSF.4.31.0101311447150.729-100000@localhost> <20010131145423.H26076@fw.wintelcom.net> <200101312305.f0VN5vJ19469@earth.backplane.com> <20010131151531.I26076@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
:> I think we can easily make it the default.
:
:If it breaks HUP, then not really. :)
:
:I'm not sure how bind handles restarts, but even if it exec(2)s over
:itself it can track the fd open for its socket and shouldn't have to
:rebind it.
You gotta work with what you have. Bind outsmarts itself in a lot
of places, especially the stupid interface scanning/binding code. The
last thing I want it to do is hold *any* state from the previous
incarnation across a restart. Frankly, restarting is not a big deal
even if you have hundreds or thousands of domains. I always restarted
named at BEST rather then HUP it, becausing HUPing is simply too
dangerous when you make random modifications to dozens of primary
zone files out of thousands.
ndc kill's the original bind and starts a new one as root when you use
'ndc restart'.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101312327.f0VNRPv20077>