[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Securing bind..

On Mon, Dec 31, 2001 at 04:15:18AM +0100, jernej horvat wrote:
> On Monday 31 December 2001 03:34, Michael D. Schleif wrote:
> > 	<http://cr.yp.to/distributors.html>
> Because of that policy there are no precompiled packages of djbdns, because:
> "You may distribute a precompiled package if 
>  - installing your package produces exactly the same files, in exactly the 
> same locations, that a user would obtain by installing one of my packages 
> listed above" etc.
> Free?
> > If you are pleased with chasing the complexities inherent in overly
> > complex tools, then, please, keep them uptodate . . .
> compiling the whole package [1], installing it in paths that djb thinks are 
> ok. complex?
> there is an alternative => http://dnrd.nevalabs.org/

An interesting thing about djb is he does have knack for identifying real
problems with existing defacto standard software and re-inventing it.

What then follows is fierce flamewars about the relative merits of the old
vs djb software/licence/etc. In summary the djb implementation is full of
good ideas and raises valid concerns about the original implementation, but
is crippled by a crappy licence, disrespect for standards, and wierd
configuration paradigm.

Eventually, this leads to yet another implementation or three that takes
djb's ideas and addresses the licence, standards, and configuration issues.

sendmail -> qmail -> postfix,exim,etc
bind -> djbdns -> ??

The sad thing is if djb stopped using his crappy licence, there would be no
need for the n+1 implementations his re-invention spawns, because the
community could adopt his software and resolve the other issues to their own

ABO: finger abo@minkirri.apana.org.au for more info, including pgp key

Reply to: