Time to disable BIND 9 custom malloc by default?
Loganaden Velvindron
loganaden at gmail.com
Fri Apr 11 09:54:56 UTC 2014
On Fri, Apr 11, 2014 at 12:52 PM, Shane Kerr <shane at time-travellers.org> wrote:
> All,
>
> One thing that came up in the midst of the Heartbleed thingy is that it
> possibly could have been discovered and mitigated a lot sooner if
> OpenSSL used the default system malloc() libraries:
>
> http://www.tedunangst.com/flak/post/heartbleed-vs-mallocconf
>
> BIND 9 also has it's own memory handler, which is also on by default
> IIRC. Perhaps it is time to consider disabling this?
>
> (I am also skeptical that there is any performance gain on modern
> systems, and quite possibly also unneeded memory bloat, but probably
> the security gain by itself is enough to encourage using the standard
> system libraries...)
I was looking into that as well :-)
Would there be interest in doing that in 9.11 release cycle ?
>
> Cheers,
>
> --
> Shane
> _______________________________________________
> bind-workers mailing list
> bind-workers at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-workers
--
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
More information about the bind-workers
mailing list