DNS Cache Snooping?

Jeff Lightner jlightner at water.com
Thu Jun 26 14:40:58 UTC 2008 

The way it is with most other patch sets.  Release the updated software
and provide release notes on usage especially new differences.   One
could bold key points.

I'm not suggesting RHEL shouldn't bundle in a good example named.conf
(e.g. named.conf.example" but rather that they shouldn't overwrite a
named.conf that is already in place.  I even have suggested RedHat
should make the 9.4 package available in an earlier post - just noted
that there is a place in between automatic version upgrade and patching.
Adam does patch the 9.3.4 P1 to address known issues.

Sometimes the changes are different enough that one can't simply patch
what is there but rather has to plan for it.  Years ago we "patched" C++
at a site and realized after the fact we hadn't just brought in bug
fixes but had rather changed the version we were running to a degree
that things would no longer compile properly.   In that case it was a
combination of the vendor and the end users being at fault.  The vendor
had it bundled as a patch (of which they literally had hundreds per
year) rather than as a completely new version but we didn't read the
release notes that would have made it clear to us this was the case if
we had.

-----Original Message-----
From: vixie at vix.com [mailto:vixie at vix.com] On Behalf Of Paul Vixie
Sent: Thursday, June 26, 2008 10:30 AM
To: Jeff Lightner
Cc: Adam Tkac; bind-users at isc.org
Subject: Re: DNS Cache Snooping? 

> I for one would be really upset if RHEL overwrote supposedly default
> configurations as I noted in my Sun patch to st.conf email yesterday.

can you offer some guideance here, then, for ISC and for RH?  the
default
ACL for allow-query was *wrong* and had to be fixed for the good of the
internet.  we did this with a lot of soul searching and some fanfare.
we
put it into a new major release, since we knew it was an
incompatibility.
and, since it was a new major release, we also put other things into it,
including some things that RHEL users might benefit from.

how should RH and ISC cause these new features to reach these customers?
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------

More information about the bind-users mailing list