Re: Bind in FreeBSD, security advisories
In article
<1375186900.23467.3223791.24CB348A@webmail.messagingengine.com>,
feld@freebsd.org writes:
>just import Unbound. However, if you can't reach any DNS servers I
>assume you can't reach the roots either, so I don't understand what a
>local recursor will gain you.
There are plenty of situations in which a remote recursive resolver is
untrustworthy. (Some would say any situation.) It doesn't have to be
BIND, but people do legitimately want the normal DNS diagnostic
utilities, which sadly have been tied together with BIND for some
years now. (I don't know why anyone would ever use nslookup(1), but
host(1) and dig(1) are pretty much essential.)
It is a little bit disconcerting to see that big chunks of our BSD
heritage have turned into someone else's commercial product, but that
seems to be the way of the world these days.
-GAWollman
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 8 之 50 篇):