FreeBSD recommends not using base unbound for an authoritative server
jungle Boogie
jungleboogie0 at gmail.com
Wed Mar 18 19:00:04 UTC 2015
Hi Chris,
On 18 March 2015 at 08:32, Chris Stankevitz <chrisstankevitz at gmail.com> wrote:
> On Tue, Mar 17, 2015 at 4:29 PM, Jungle Boogie <jungleboogie0 at gmail.com> wrote:
>> I use unbound from base _only_ at home for recursive DNS stuff. If I were to
>> make it authoritative for a domain, I'd use ports or packages because they
>> are updated more frequently over what's it base.
>
> Mr. Boogie,
>
> Thank you for your reply. Are you referring to security? Is this the
> is a correct interpretation of what you are saying:
>
> "In general, the FreeBSD base software is untrustworthy because it is
> infrequently updated. Someone who is interested in security should
> avoid the FreeBSD base packages and use ports wherever possible."
>
No, I wouldn't say untrustworthy nor am I referring to trust at all.
If you install unbound from ports/pkg, you'll have unbound (or
anything else) updated more frequently over what's in freeBSD base.
>From here, we can see how frequently is updated:
https://www.freshports.org/dns/unbound/
You may not care about frequent updates, so that's something you'll
need to consider.
> Thank you,
>
> Chris
--
-------
inum: 883510009027723
sip: jungleboogie at sip2sip.info
xmpp: jungle-boogie at jit.si
More information about the freebsd-questions
mailing list