FreeBSD recommends not using base unbound for an authoritative server

jungle Boogie jungleboogie0 at
Wed Mar 18 19:00:04 UTC 2015

Hi Chris,
On 18 March 2015 at 08:32, Chris Stankevitz <chrisstankevitz at> wrote:
> On Tue, Mar 17, 2015 at 4:29 PM, Jungle Boogie <jungleboogie0 at> wrote:
>> I use unbound from base _only_ at home for recursive DNS stuff. If I were to
>> make it authoritative for a domain, I'd use ports or packages because they
>> are updated more frequently over what's it base.
> Mr. Boogie,
> Thank you for your reply.  Are you referring to security?  Is this the
> is a correct interpretation of what you are saying:
> "In general, the FreeBSD base software is untrustworthy because it is
> infrequently updated.  Someone who is interested in security should
> avoid the FreeBSD base packages and use ports wherever possible."

No, I wouldn't say untrustworthy nor am I referring to trust at all.

If you install unbound from ports/pkg, you'll have unbound (or
anything else) updated more frequently over what's in freeBSD base.

>From here, we can see how frequently is updated:

You may not care about frequent updates, so that's something you'll
need to consider.

> Thank you,
> Chris

inum: 883510009027723
sip: jungleboogie at
xmpp: jungle-boogie at

More information about the freebsd-questions mailing list