On Thu, 23 Jul 2020, charlie derr wrote:
> On 7/23/20 9:49 AM, Michael De Roover wrote:
>> For this to work at all though, they'd have to provide all packages
>> simply as source code (why not use the distribution's own source
>> repositories?) and compile it on the target.
> While it would still *technically* be security by obscurity, it would
> seem to me that there's some value to this approach because access to
> the compiled binary wouldn't necessarily be easy to obtain (especially
> if the sysadmin provisioning the system takes extra efforts to *not*
> share it with anyone).  Or am I missing something?

They actually run a very large build farm in AWS, and they claim that all 
binaries are made just for you. Basically you change your distro's package 
repositories to theirs. Preventing people from examining the binaries in 
order to craft memory exploits that work across a large installed base is 
exactly what they're aiming to do.

Disclosure: I've heckled their CTO in a friendly fashion for making better 
idiots, but I paid for my own Old Fashioned.


Fred Morris
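The mechanism the thread is arguing about, as an added toy model that is not the vendor's build system and not code from anyone on this list: every customer gets the same functions laid out in a different, secret order with different inter-function padding, and an exploit that hardcodes a gadget address taken from one build is tested against the other builds. The program, its function names and sizes, the per-customer secrets, and the gadget name are all constructed for illustration; the attacker is assumed to have obtained exactly one customer's binary.

```python
"""Toy model of per-customer binary diversification (added example, not the
vendor's build system): the same functions are laid out differently for each
customer, so a memory-corruption exploit that hardcodes a gadget address from
one build only lands on that build."""
import hashlib
import random

# Constructed toy program: function name -> code size in bytes.  Names and
# sizes are invented for illustration; they are not from any real package.
PROGRAM = {
    "main": 0x120,
    "parse_request": 0x2a0,
    "copy_buffer": 0x80,        # assume the overflow lives here
    "log_message": 0x140,
    "spawn_shell": 0x60,        # the gadget the exploit wants to reach
    "free_session": 0x90,
    "checksum": 0x70,
    "exit_clean": 0x40,
}
TEXT_BASE = 0x401000


def monoculture_layout(program=PROGRAM):
    """Everyone runs the same binary: source order, no padding."""
    table, addr = {}, TEXT_BASE
    for name, size in program.items():
        table[name] = addr
        addr += size
    return table


def diversified_layout(customer_secret: bytes, program=PROGRAM):
    """Per-customer layout: function order and padding are derived
    deterministically from a secret shared only by the build farm and the
    customer (assumption: the secret and the binary never reach the attacker)."""
    seed = int.from_bytes(
        hashlib.sha256(b"layout-seed:" + customer_secret).digest()[:8], "big")
    rng = random.Random(seed)
    order = list(program)
    rng.shuffle(order)
    table, addr = {}, TEXT_BASE
    for name in order:
        addr += rng.randrange(0, 4) * 16     # 0..48 bytes of 16-aligned padding
        table[name] = addr
        addr += program[name]
    return table


def exploit_works(hardcoded_target: int, victim_layout: dict,
                  gadget: str = "spawn_shell") -> bool:
    """A mass exploit overwrites a return address with one fixed value; it
    succeeds only if that value is where the gadget really is on the victim."""
    return victim_layout[gadget] == hardcoded_target


def campaign(victim_layouts, hardcoded_target):
    """Number of victims a single hardcoded payload lands on."""
    return sum(exploit_works(hardcoded_target, v) for v in victim_layouts)


def run_demo(n_customers: int = 10):
    # Constructed per-customer secrets.  The attacker is assumed to hold
    # customer 0's binary (say, from a compromised box) and nothing else.
    secrets = [f"customer-{i}".encode() for i in range(n_customers)]
    mono = [monoculture_layout() for _ in secrets]
    diverse = [diversified_layout(s) for s in secrets]

    mono_hits = campaign(mono, mono[0]["spawn_shell"])
    diverse_hits = campaign(diverse, diverse[0]["spawn_shell"])
    return {"customers": n_customers,
            "monoculture": mono_hits,
            "diversified": diverse_hits}


if __name__ == "__main__":
    print(run_demo())
```

In the monoculture case the one payload hits every customer; in the diversified case it hits the customer whose binary the attacker already has, plus any customer whose layout happens to collide on that one address (rare in this toy, and what you would measure in a real build by diffing symbol offsets with `nm` across two customers' packages). Note the caveat implicit in charlie's question: the scheme buys nothing for the customer whose binary leaks, and an info leak at runtime can still reconstruct a single target's layout; it only raises the cost of one payload working across the whole installed base.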

