[linux-elitists] anybody using non BIND dns?

Dan Wilder dan@ssc.com
Thu Feb 1 22:20:20 PST 2001


On Thu, Feb 01, 2001 at 06:17:08PM -0800, Heather wrote:
> > The first example of elitism is with regard to working on BIND. Vixie
> > honestly believes:
> > 1) Very few people (all of which are well known to him) understand the
> > idiosynchrocies of DNS and the associated RFC's well enough to make
> > changes to BIND without fucking things up.
> > 2) Virtually no-one is a good enough programmer to modify BIND without
> > fucking it up.

I wonder if that's more a comment on the state of programmers,
or on the state of BIND.  The number of buffer overflow exploits
and the like that have been discovered doesn't speak highly of
the latter.  Avoiding buffer overflows isn't rocket science.
It merely takes a little knowledge, and a lot of discipline.

Perhaps it wasn't Vixie who wrote the code that permits the
buffer overflows.  And all those advisories only confirm #2.

<aside>
Speaking from the experience (that is to say, not much experience)
of an evening spent looking at the BIND code some time ago, trying 
to track down the source of a timeout that was bedeviling a split 
DNS I'd set up on a network with, unfortunately, an unreliable 
Internet connection, I'll say that it _is_ entirely possible that 
virtually no-one is a good enough programmer to modify BIND without 
fucking it up.

Contrast with, say, Wietse Venema's Postfix code.  Though
very few patches pass Wietse's scrutiny, and a good thing, too,
I'd opine that Postfix is well enough crafted that there are vastly 
many programmers good enough to modify Postfix without fucking it up.
</aside>

-- 
Dan Wilder <dan@ssc.com>   



More information about the linux-elitists mailing list