Firewall Wizards mailing list archives
Re: Does blocking TCP DNS packets keep your Bind safe?
From: Darren Reed <darrenr () reed wattle id au>
Date: Wed, 14 Mar 2001 10:17:22 +1100 (EST)
In some email I received from Todd, sie wrote:
darren, all, On Wed, 14 Mar 2001, Darren Reed wrote:I think you're taking too hard a line on the ISC there. BIND is written in C and for better or worse, C is *HARD* to program in a secure and safe manner, especially when you have an application as large and complex as BIND is. The only way to run applications, such as BIND, is as non-root and in a chroot'd environment. BIND makes it rather easy to do this. Maybe sendmail and BIND need to be rewritten in java ? ;) Darrenyou're probably right. but here's my point: other people (in particular dan bernstein) *do* seem to be able to write secure code in C.
I've yet to see anything from mr djb which has even come close to the complexity and richness of the ISC products (sendmail, named). But then I'm not afraid of sendmail.cf O:-) Darren _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Does blocking TCP DNS packets keep your Bind safe?, (continued)
- Re: Does blocking TCP DNS packets keep your Bind safe? John Adams (Mar 10)
- Re: Does blocking TCP DNS packets keep your Bind safe? Crist Clark (Mar 10)
- Re: Does blocking TCP DNS packets keep your Bind safe? Jeff Sedayao (Mar 10)
- Re: Does blocking TCP DNS packets keep your Bind safe? Andrew Huffer (Mar 10)
- Re: Does blocking TCP DNS packets keep your Bind safe? Bill_Royds (Mar 10)
- RE: Does blocking TCP DNS packets keep your Bind safe? Ben Nagy (Mar 11)
- Re: Does blocking TCP DNS packets keep your Bind safe? Luca Berra (Mar 13)
- RE: Does blocking TCP DNS packets keep your Bind safe? Todd (Mar 13)
- Re: Does blocking TCP DNS packets keep your Bind safe? Darren Reed (Mar 14)
- Re: Does blocking TCP DNS packets keep your Bind safe? Todd (Mar 14)
- Re: Does blocking TCP DNS packets keep your Bind safe? Darren Reed (Mar 14)
- RE: Does blocking TCP DNS packets keep your Bind safe? Todd (Mar 16)