On Wed, Jul 4, 2012 at 9:51 AM, Simon L. B. Nielsen <simon@freebsd.org> wro= te: > On Tue, Jul 3, 2012 at 9:39 PM, Doug Barton <dougb@freebsd.org> wrote: >> On 07/03/2012 05:39, Dag-Erling Sm=C3=B8rgrav wrote: >>> Doug Barton <dougb@FreeBSD.org> writes: >>>> The correct solution to this problem is to remove BIND from the base >>>> altogether, but I have no energy for all the whinging that would happe= n >>>> if I tried (again) to do that. >>> >>> I don't think there will be as much whinging as you expect. Times have >>> changed. >>> >>> I'm willing to import and maintain unbound (BSD-licensed validating, >>> recursive, and caching DNS resolver) if you remove BIND. >> >> You've got a deal! >> >> Unbound requires ldns, which is a good thing. Part of this project would > > How's the security support for ldns / unbound? For third party > software sitting in the 'frontline' that part is rather important. > >> also be to enable drill so that we have a command-line dns lookup tool >> in the base, but that's trivial once you've got ldns imported. > > Does that means loosing host(1) ? That would be somewhat annoying. There's a version of host based on unbound. At least, there's an unbound-host package for Debian Linux: http://packages.debian.org/search?keywords=3Dunbound-host --=20 Freddie Cash fjwcash@gmail.com _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"