Date: Sun, 24 Nov 2002 23:36:27 +0100 From: Thomas Seck <tmseck-lists@netcologne.de> To: stable@freebsd.org Subject: Re: named.root Message-ID: <20021124223627.GA452@laurel.tmseck.homedns.org> In-Reply-To: <3DE02EFC.AB671666@softweyr.com> References: <20021121204315.707455D04@ptavv.es.net> <3DDDD74D.F4BC206F@softweyr.com> <20021122162336.GA480@laurel.tmseck.homedns.org> <Pine.GSO.4.50.0211231539380.29334-100000@quartz.bos.dyndns.org> <3DE02EFC.AB671666@softweyr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Wes Peters (wes@softweyr.com):
> > On Fri, 22 Nov 2002, Thomas Seck wrote:
> >
> > > No one is kept from modifying his or her local copy of FreeBSD to suit
> > > his resp. her needs. I do not think that Network Solutions will assign
> > > 198.41.0.10 tomorrow to $evil_person for $most_evil_purpose but YMMV.
> >
> They are, of course, assuming they will be around to insure that for at
> least 5 years. I'm not sure I agree with that assumption either.
RELENG_4_x (x<=7) being the only "vulnerable" versions will not be
around that long either unless installed and maintained by some really
clueless person (who would not apply updates including updated root zone
files anyway).
> This update certainly didn't harm RELENG_4_7 in any way, why in hell are
> you two still carping about it?
I am not carping about anything. You are the one who is keeping this
thread alive on -stable where it is absolutely off-topic. If you think
this is a serious issue, discuss it either with security-officer@ or on
freebsd-security.
If I decide to run RELENG_-versions of FreeBSD (what I do) then
I want the FreeBSD project to take care of problems with the _code_.
What we see here is a problem with the _configuration_. Keeping the
configuration up to date -- or "apply modifications" as I worded it in
my first reply to you -- is the administrator's job.
My original point - which you forgot to mention - is that the people who
run third party DNS packages are even more "at risk". I did not see
patches or updates for DNS ports because of the root zone change yet.
Because of the ongoing off-topicness: EOD for me.
--Thomas
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021124223627.GA452>