Re: bind8 vs bind9
On Mon, Nov 18, 2002 at 01:38:13PM -0600, Kirk Strauser wrote:
>
> At 2002-11-18T18:12:13Z, "Gary Hennigan" <glhenni@sandia.gov> writes:
>
> > ...if security is *the* major concern in a DNS installation it's probably
> > a good idea to stay away from BIND altogether.
>
> I'd disagree for one main reason: BIND is Open Source, and tinydns is not.
Uh, of course tinydns (sic; it's really djbdns) is open source.
Perhaps you meant to say _DFSG Free_ ?
> More security compromises have been found in the former, but it has perhaps
> 100 times the number of users testing it and programmers examining it.
> Frankly, as a programmer, I would not waste my time auditing tinydns when I
> could make a bigger contribution to BIND.
Good for you.
--
Nathan Norman - Incanus Networking mailto:nnorman@incanus.net
Good judgement comes from experience.
Experience comes from bad judgement.
-- Unattributed
Reply to: