Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
RE: [suse-security] Is bind 9.1.0 secure?
  • From: "Reckhard, Tobias" <tobias.reckhard@xxxxxxxxxxx>
  • Date: Tue, 22 Jan 2002 06:21:41 +0100
  • Message-id: <96C102324EF9D411A49500306E06C8D1A56CDA@xxxxxxxxxxxxxxxxx>
Re Kurt

> > Have you read DJB's comments?
>
> Yes. And? His comments with regard to Postfix are incorrect
> (i.e. wrong) and
> seriously out of date.

True. And I agree that his social skills leave to be desired..

> Have you read this:
>
>
http://www.sigmasoft.com/~openbsd/archive/openbsd-ports/200108/msg00461.html
>
> It got bad enough that OpenBSD dropped his software from _ports_.

Ah yes, the eternal DJB license debate. I don't like it either and it
prohibits distribution vendors from distributing his software, but it's not
the software or its quality that's the problem (though I agree that Dan is
rather unorthodox in his use of directories and he invents new root-level
subdirectories every now and then, which I don't really much like - OTOH,
lots of programs use very different directories for similar tasks..), it's
Dan's urge to remain totally in control and his crusade for his beliefs.

> Plus most of his software stagnates quite quickly, and he doesn't
officially
> accept contributions, so you end up missing basic functionality that is
> addressed by third party (unaudited typically) patches.

Well, if features you need are missing, you shouldn't use the software and
go find something else instead. I don't feel that each and every mail server
needs or should even have all the bells and whistles of MS Exchange. When
the product is done and the task its coder wanted it to perform is completed
by it, why shouldn't he call it a final?

Note that I don't use Qmail, but rather Postfix, and I prefer Wietse's
attitude to Dan's any day (and this is my personal opinion). But regarding
DNS servers, there is no choice corresponding to the one between Postfix and
Qmail. It's BIND or djbdns, which is more like a Qmail to Sendmail
comparison. And I don't really trust 'complete rewrites' a lot, honestly, it
takes time to produce a certain number of lines of code and the BIND folks
were pretty fast with BIND9 if it's from scratch.. It probably also retains
a lot of the not-so-good ideas of former BIND versions with regard to
handling glue, etc..

Cheers
Tobias

< Previous Next >