Date: Tue, 30 Jul 2013 16:26:21 +0100 From: Peter Maxwell <peter@allicient.co.uk> To: freebsd-stable@freebsd.org Subject: Re: Bind in FreeBSD, security advisories Message-ID: <CA%2BaY-u7ynASeVdLaJkXDfccb2Jn-X1iqNa1Tw5tx=ino6%2BYdPA@mail.gmail.com> In-Reply-To: <20130730.154208.41672901.sthaug@nethelp.no> References: <CAO%2BPfDctepQY0mGH7H%2BgOSm4HJwhe-RCND%2BmxAArnRxpWiCsjg@mail.gmail.com> <CAFHbX1%2BJyHSPCccmf%2Bhk4C2b8wOcAUvxraFv7%2B04bNbbxbO33g@mail.gmail.com> <20130730.154208.41672901.sthaug@nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 30 July 2013 14:42, <sthaug@nethelp.no> wrote: > > > For years, a lot of security advisories have been present for bind. > > > I'm just guessing if it's not a good idea to remove bind from base? > > > > > > This will probably free by half the number of FreeBSD SA's in the > future. > > > > > > > Sure, but no bind in base also implies no dig, nslookup or host. > > Exactly. It's a slippery slope - if we continue removing useful > functionality from FreeBSD there are fewer and fewer arguments for > why one should use FreeBSD and not Linux. > Having lots of third-party software in base is not one of those reasons however. > > Yes, I know everything can be installed from packages/ports. Two of > *my* main reasons for using FreeBSD is that: > > 1. It's an integrated *system*, not just a kernel. > That's not an argument for retaining something that is non-essential for most people and can easily be installed from ports. There is very little that is actually essential in base... having to turn sendmail off on every new installation already does my nut in but having mail facilities is essential, so it has to be there. Having bind in base does have one advantage in that it is more carefully scrutinised that it would likely be in ports. > 2. The base system contains a lot of the useful functionality I need. > So does ports. > > and every contrib part which is removed, detracts from this. > No, it doesn't. The base system should be just that - a base minimal installation.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BaY-u7ynASeVdLaJkXDfccb2Jn-X1iqNa1Tw5tx=ino6%2BYdPA>