Time to disable BIND 9 custom malloc by default?

Shane Kerr shane at time-travellers.org
Fri Apr 11 08:52:20 UTC 2014


All,

One thing that came up in the midst of the Heartbleed thingy is that it
possibly could have been discovered and mitigated a lot sooner if
OpenSSL used the default system malloc() libraries:

http://www.tedunangst.com/flak/post/heartbleed-vs-mallocconf

BIND 9 also has it's own memory handler, which is also on by default
IIRC. Perhaps it is time to consider disabling this?

(I am also skeptical that there is any performance gain on modern
systems, and quite possibly also unneeded memory bloat, but probably
the security gain by itself is enough to encourage using the standard
system libraries...)

Cheers,

--
Shane


More information about the bind-workers mailing list