Time to disable BIND 9 custom malloc by default?
loganaden at gmail.com
Fri Apr 11 09:54:56 UTC 2014
On Fri, Apr 11, 2014 at 12:52 PM, Shane Kerr <shane at time-travellers.org> wrote:
> One thing that came up in the midst of the Heartbleed thingy is that it
> possibly could have been discovered and mitigated a lot sooner if
> OpenSSL used the default system malloc() libraries:
> BIND 9 also has it's own memory handler, which is also on by default
> IIRC. Perhaps it is time to consider disabling this?
> (I am also skeptical that there is any performance gain on modern
> systems, and quite possibly also unneeded memory bloat, but probably
> the security gain by itself is enough to encourage using the standard
> system libraries...)
I was looking into that as well :-)
Would there be interest in doing that in 9.11 release cycle ?
> bind-workers mailing list
> bind-workers at lists.isc.org
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
More information about the bind-workers