bind chrooted, logging and SELinux = suffering

Pete Ehlke pde at
Wed Jun 1 16:17:42 UTC 2005

On Wed Jun 01, 2005 at 11:46:16 -0400, Jason Vas Dias wrote:
>By default, Red Hat ships BIND with maximum security protection enabled,
>to counter known security vulnerabilities as mandated by our security
>response team.
You know, the 'known security vulnerabilities' chestnut just keeps
popping up. Please tell me- what 'known security vulnerabilities' have
you identified in current versions of BIND? 

NB: vulnerabilities in BIND 8 that date to 1999 do not count.
Vulnerabilities introduced by operating system flasw do not count. We're
talking current BIND here. What 'known security vulnerabilites' do you
see in current BIND that are not introduced by your own choice of OS?

More information about the bind-users mailing list