Time to disable BIND 9 custom malloc by default?

Loganaden Velvindron loganaden at gmail.com
Fri Apr 11 09:54:56 UTC 2014


On Fri, Apr 11, 2014 at 12:52 PM, Shane Kerr <shane at time-travellers.org> wrote:
> All,
>
> One thing that came up in the midst of the Heartbleed thingy is that it
> possibly could have been discovered and mitigated a lot sooner if
> OpenSSL used the default system malloc() libraries:
>
> http://www.tedunangst.com/flak/post/heartbleed-vs-mallocconf
>
> BIND 9 also has it's own memory handler, which is also on by default
> IIRC. Perhaps it is time to consider disabling this?
>
> (I am also skeptical that there is any performance gain on modern
> systems, and quite possibly also unneeded memory bloat, but probably
> the security gain by itself is enough to encourage using the standard
> system libraries...)

I was looking into that as well :-)

Would there be interest in doing that in 9.11 release cycle ?


>
> Cheers,
>
> --
> Shane
> _______________________________________________
> bind-workers mailing list
> bind-workers at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-workers



-- 
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.


More information about the bind-workers mailing list