lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20030312041027.GH599@mikebell.org>
Date: Tue, 11 Mar 2003 20:10:28 -0800
From: Mike Bell <mike@...ebell.org>
To: Mike Schiffman <mike@...onexus.com>
Subject: Re: [Summary of Responses] Bound by Tradition: A sampling of the security posture of the Internet's DNS servers


On Tue, Mar 11, 2003 at 08:30:17AM -0800, Mike Schiffman wrote:
> 12) It is a bit misleading to say djbdns has no security 
> vulnerabilities.  While it is true that the component programs that 
> make up djbdns have not had a known vulnerability, the design of djbdns 
> relies on external services (Bernstein recommends rsync over ssh, I 
> believe) to replicate data from the primary to secondaries.

By that logic a bug in vi is a bug in BIND, because you need an editor
to maintain zone files.

DJB may recommend rsync over ssh, but djbdns as distributed by DJB only
offers that as one potential way to get data from one computer to another,
you can use any means you see fit to do so.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ