Prev-20 Home Next-20 7 msg pppconfig can't find internal modem. 8 msg Help playing simultaneously splitted videos (so... 12 msg iptables configuration problem 4 msg noatime option is ignored for / 2 msg Configuring and Booting Xen 8 msg Nvidia drivers for 8600 GT 1 msg Problems with Ncurses UIs through Terminal 7 msg should dual-core Pentium Processor Extreme Edit... 4 msg OT - Need help setting up mailman to work with ... 2 msg OT - A serious problem with my exim configuration 1 msg OT - !!! An error occured while trying to send ... 4 msg new install 2007.0 and gcc-3.3.6 13 msg locate 1 msg Problems recieving digest 36 msg Panic at boot time after update kernel to 2.6.2... 3 msg python emerge appears to have broken my python ... {OT} web/mail server as nameserver \ Grant (10 May 2007) . \ Crayon Shin Chan (11 May 2007) . . \ jarry (11 May 2007) . . . \ Crayon Shin Chan (11 May 2007) . . . . \ Håkon Alstadheim (11 May 2007) . . . . . \ kashani (11 May 2007) 26 msg convert rpm to ebuild 3 msg Onboard video 1 msg something keeps incrementing links to CD and DV... Prev-20 Home Next-20

Prev-Msg Prev-Thread Gentoo-user May-2007 Next-Thread Next-Msg Subject: Re: {OT} web/mail server as nameserver Group: Gentoo-user From: kashani Date: 11 May 2007 Håkon Alstadheim wrote: > Crayon Shin Chan wrote: >> On Friday 11 May 2007 18:48, jarry wrote: >> >>> Poor security of bind is imho similar superstition as it is >>> for sendmail: once in the past this software had some problem, >>> so now a lot of people think they should forever avoid using it... >>> >> If the OP doesn't need any bind-specific feature then why not use djbdns >> which has a better security track record. djb software are built from the >> ground up to be secure (as is possible), he also splits the "program" >> into smaller executables, each having a specific job thus making each of >> them secure a simpler task. Whilst bind and sendmail have made >> substantial efforts to be more secure, they are still built on legacy and >> bloated monolithic code. >> >> > Just to fill in the picture a bit, the djb* software also has a long > "flip-the-bird-at-any-rfc-you-don't-like" track-record. > I generally agree with Håkon on this. :-). The other issue is that djb likes to abandon his software after it's "done". Things like DNSSEC and dynamic updates don't exist in djbdns and aren't planned. They don't matter so much if you're just doing authoritative DNS, but if you're doing interesting thing on your network Bind is pretty much required. kashani -- gentoo-user mailing list Prev-Msg Prev-Thread Gentoo-user May-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com