Date: Tue, 30 Jul 2013 16:32:44 +0300 From: Daniel Kalchev <daniel@digsys.bg> To: Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com> Cc: freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: Bind in FreeBSD, security advisories Message-ID: <51F7C07C.9060606@digsys.bg> In-Reply-To: <CAOgwaMt4G02yhU0cbiq_EEwhi4=mgt2kLGJf0Rgb8t9wECsGJA@mail.gmail.com> References: <CAO%2BPfDctepQY0mGH7H%2BgOSm4HJwhe-RCND%2BmxAArnRxpWiCsjg@mail.gmail.com> <1375186900.23467.3223791.24CB348A@webmail.messagingengine.com> <51F7B5C7.6050008@digsys.bg> <CAOgwaMt4G02yhU0cbiq_EEwhi4=mgt2kLGJf0Rgb8t9wECsGJA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 30.07.13 16:13, Mehmet Erol Sanliturk wrote: > > > > On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev <daniel@digsys.bg > <mailto:daniel@digsys.bg>> wrote: > > > Going that direction, we should consider Comrade Stalin's maxim > "FreeBSD exists, there are problems, here is the solution -- no > FreeBSD, no problems!" :-) > > Daniel > > > > > Then , there exists a new problem : > > > "There is no FreeBSD ..." We already know Comrade Stalin's solution had... bugs. Not before millions parted with their lives... When/if we remove BIND from FreeBSD, we might find out whether that solution has bugs, or not. Not until then, though. Back to the topic :) My take on this is that removing BIND from the base today is.. irresponsible. First, most who use FreeBSD expect an DNS server to be readily available. Some people would just avoid to use any ports etc. BIND in base is well tested and known evil. If we are ever to replace it with something else, that something else has to prove itself - demonstrate that it is at least as good as BIND -- in the base system. In practice, not in theory. This is very much an situation like replacing gcc with clang/llvm. However, in the case of BIND we have no licensing problems, stability problems, performance problems etc --- just concerns that BIND generates many SAs -- which might be actually good indicator, as it demonstrates that BIND is worked on. I personally see no reason to remove BIND from base. If someone does not want BIND in their system, they could always use the WITHOUT_BIND build switch. Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51F7C07C.9060606>