Date: Wed, 31 Jan 2001 17:54:34 -0800 (PST) From: Matt Dillon <dillon@earth.backplane.com> To: Chris Johnson <cjohnson@palomine.net> Cc: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>, freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-01:18.bind Message-ID: <200102010154.f111sYE23275@earth.backplane.com> References: <200101312123.f0VLNL134920@freefall.freebsd.org> <Pine.LNX.4.30.0101312352150.3617-100000@jamus.xpert.com> <20010201014819.H675@riget.scene.pl> <20010131200142.A90211@palomine.net>
next in thread | previous in thread | raw e-mail | index | archive | help
:Yes! Why work around BIND limitiations and do all this sandboxing to try to
:limit the damage it can do to you, when there's a better alternative?
:
:Chris
Yah, that's the ticket... kinda like wu-ftpd was created because existing
ftpd's weren't up to snuff, except wu-ftpd turned out to have literally
dozens of rootable exploits.
Just because BIND's loopholes are advertised doesn't mean that other
DNS servers don't have loopholes. While I agree that some of the newer
ones almost certainly have *fewer* rootable loopholes, maybe, I don't
see them as improving my risk factors much.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102010154.f111sYE23275>