Time to disable BIND 9 custom malloc by default?
Shane Kerr
shane at time-travellers.org
Fri Apr 11 08:52:20 UTC 2014
All,
One thing that came up in the midst of the Heartbleed thingy is that it
possibly could have been discovered and mitigated a lot sooner if
OpenSSL used the default system malloc() libraries:
http://www.tedunangst.com/flak/post/heartbleed-vs-mallocconf
BIND 9 also has it's own memory handler, which is also on by default
IIRC. Perhaps it is time to consider disabling this?
(I am also skeptical that there is any performance gain on modern
systems, and quite possibly also unneeded memory bloat, but probably
the security gain by itself is enough to encourage using the standard
system libraries...)
Cheers,
--
Shane
More information about the bind-workers
mailing list