FreeBSD recommends not using base unbound for an authoritative server

Chris Stankevitz chrisstankevitz at gmail.com
Wed Mar 18 19:49:37 UTC 2015


On Wed, Mar 18, 2015 at 12:00 PM, jungle Boogie <jungleboogie0 at gmail.com> wrote:
> No, I wouldn't say untrustworthy nor am I referring to trust at all.

Thank you for the clarification.

> If you install unbound from ports/pkg, you'll have unbound (or
> anything else) updated more frequently over what's in freeBSD base.
>
> From here, we can see how frequently is updated:
> https://www.freshports.org/dns/unbound/
>
> You may not care about frequent updates, so that's something you'll
> need to consider.

Got it, thank you.  In my original post I described my excitement
about using the FreeBSD base packages for a number of reasons:

- documented in handbook
- security problems are described in FreeBSD announcements
- easy updates with freebsd-update
- infrequent updates

>From the responses here, it seems as if those are valid reasons to
prefer using the FreeBSD base packages.

I'm still left wondering why the FreeBSD handbook recommends favoring
ports over base when running an externally visible unbound server.
However, from the response I got here it seems clear that the reason
is not "security" or "trust".  It's just some other [yet unspecified]
reason.

Thank you again,

Chris


More information about the freebsd-questions mailing list