Bind in FreeBSD, security advisories
Mehmet Erol Sanliturk
m.e.sanliturk at gmail.com
Tue Jul 30 13:13:05 UTC 2013
On Tue, Jul 30, 2013 at 8:47 AM, Daniel Kalchev <daniel at digsys.bg> wrote:
>
> On 30.07.13 15:21, Mark Felder wrote:
>
>> People don't seem upset about not having a webserver, IMAP/POP daemon,
>> or LDAP server in base, so I don't understand what the big deal is about
>> removing BIND.
>>
>
> I believe the primary reason these things are not in the base system is
> that they have plenty of dependencies, with possibly conflicting licenses
> etc.
>
> If the concern is over the rare case when you absolutely
>> need a DNS recursor and there are none you can reach I suppose we should
>> just import Unbound.
>>
>
> There are many and good reasons to include an fully featured name server,
> or at least full recursive resolver. For example, for properly supporting
> DNSSEC.
> We could in theory remove the BIND's authoritative name server
> executable... if that is attracting the SAs.
>
> The justification "reduce the number of SA's", that is, "the bad PR" is
> probably not enough. Going that direction, we should consider Comrade
> Stalin's maxim "FreeBSD exists, there are problems, here is the solution --
> no FreeBSD, no problems!" :-)
>
> Daniel
>
Then , there exists a new problem :
"There is no FreeBSD ..."
Thank you very much .
Mehmet Erol Sanliturk
More information about the freebsd-stable
mailing list