From owner-freebsd-questions@FreeBSD.ORG Wed Mar 18 16:11:49 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1424B3BB for ; Wed, 18 Mar 2015 16:11:49 +0000 (UTC) Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0146.outbound.protection.outlook.com [65.55.169.146]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "MSIT Machine Auth CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A6F2BE4 for ; Wed, 18 Mar 2015 16:11:48 +0000 (UTC) Received: from [10.0.0.21] (73.5.142.244) by CY1PR03MB1504.namprd03.prod.outlook.com (25.163.17.22) with Microsoft SMTP Server (TLS) id 15.1.112.19; Wed, 18 Mar 2015 15:57:13 +0000 Message-ID: <5509A055.6010701@my.hennepintech.edu> Date: Wed, 18 Mar 2015 10:57:09 -0500 From: Andrew Berg User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0 MIME-Version: 1.0 To: Subject: Re: FreeBSD recommends not using base unbound for an authoritative server References: <5508B8EB.3050907@gmail.com> In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [73.5.142.244] X-ClientProxiedBy: CY1PR0601CA0023.namprd06.prod.outlook.com (25.160.162.33) To CY1PR03MB1504.namprd03.prod.outlook.com (25.163.17.22) Authentication-Results: freebsd.org; dkim=none (message not signed) header.d=none; X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR03MB1504; X-Forefront-Antispam-Report: BMV:1; SFV:NSPM; SFS:(10019020)(6009001)(6049001)(377454003)(51704005)(24454002)(122386002)(19580395003)(42186005)(92566002)(75432002)(2950100001)(19580405001)(77156002)(62966003)(23676002)(110136001)(80316001)(83506001)(89122001)(87976001)(65806001)(50466002)(50986999)(88552001)(33656002)(64126003)(65816999)(2351001)(107886001)(46102003)(40100003)(86362001)(76176999)(54356999)(47776003)(450100001)(66066001)(59896002)(65956001)(77096005); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR03MB1504; H:[10.0.0.21]; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(5002010)(5005006); SRVR:CY1PR03MB1504; BCL:0; PCL:0; RULEID:; SRVR:CY1PR03MB1504; X-Forefront-PRVS: 051900244E X-OriginatorOrg: my.hennepintech.edu X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Mar 2015 15:57:13.7673 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR03MB1504 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Mar 2015 16:11:49 -0000 On 2015.03.18 10:32, Chris Stankevitz wrote: > On Tue, Mar 17, 2015 at 4:29 PM, Jungle Boogie wrote: >> I use unbound from base _only_ at home for recursive DNS stuff. If I were to >> make it authoritative for a domain, I'd use ports or packages because they >> are updated more frequently over what's it base. > > Mr. Boogie, > > Thank you for your reply. Are you referring to security? Is this the > is a correct interpretation of what you are saying: > > "In general, the FreeBSD base software is untrustworthy because it is > infrequently updated. Someone who is interested in security should > avoid the FreeBSD base packages and use ports wherever possible." FreeBSD base gets security fixes. Using something from ports will get you a different version that is updated on a different schedule. That quote sounds like it came from a certain well-known troll blog.