Quoting Ian C. Sison ([EMAIL PROTECTED]):
> I'm too influenced by the 'program that does one thing, and one thing
> only, and does it d@mn well' methodology. That's why I'm not too keen
> on existing monolithic programs like bind and sendmail ( Apache has
> taken the middle ground with its run-time modules). Breaking up a
> service into several independent units makes for a cleaner source code
> (less interdependencies), and well defined and simple interfacing
> rules. The fewer moving parts in a system, the fewer things can go
> wrong... Of course they are harder to debug with all the IPC going
> around, but when you perfect the little 'proglets' the resulting
> efficiency is worth the extra time and effort.
>
> DJB has done this not only with the MTA but with the name server as
> well.
In principle, this is indeed a better approach. (Of course, ultimately
it's results that matter, and modularity exacts its own cost in an
additional layer of structure.)
> BTW, the 'drop priv' technique is done by both bind and sendmail, both
> notorious for their security problems before, so it's something endemic in
> monolithic designs.
Whoa there! You're glossing over an absolutely _key_ distinction,
something regrettably common in these discussions: I refer to the
vital distinction between BIND 9.x and prior versions.
Vixie inherited the codebase that eventually came to be called BIND from
a predecessor package at UC Berkeley. It was already spaghetti code
when he took it over (while at DEC) as of v. 4.9, around 1987. He and
Bob Halley added some enhancements in 1997 to create the parallel v. 8.x
codebase that became the preferred version for a while. But Vixie knew,
even then, that the codebase was hopelessly unmaintainable, and all 8.x
versions from that point on were attempts to stave off disaster while a
from-scratch replacement got built.
Vixie hired Nominum, Inc. to write a completely new codebase
implementing more-competently the feature set and configuration
interface that v. 8 had been _supposed_ to implement. There are zero
lines of shared code between the two codebases -- by design. (This is
why BIND v. 9.x chokes on some irregular zonefile syntax that v. 8.x
didn't even blink at: Version 8.x was _supposed_ to reject zonefiles
with those errors, but failed to on account of coding bugs.)
So, it is not reasonable to attribute to BIND v. 9.x the security flaws
of the prior release series: There was a fundamental rewrite of a very
radical sort, separating the two.
Please note this is _precisely_ the pitfall I mentioned concerning the
ever-popular Sendmail/Qmail security-history comparisons so beloved of
Qmail advocates. Exact same fallacy.
I note and deplore this tendency in a footnote to my archival copy of
my (earlier) MTA-comparison post. Dek was kind enough to point out that
I'd stupidly used the term "MUA" instead of "MTA" for that. ("Stupidly"
is my word; Dek was a perfect gentleman. ;-> )
Accordingly, I've moved it to http://linuxmafia.com/~rick/linux-info/mtas .
Thanks again for your comments.
--
Cheers,                  "Teach a man to make fire, and he will be warm
Rick Moen                for a day. Set a man on fire, and he will be warm
[EMAIL PROTECTED]        for the rest of his life." -- John A. Hrastar
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]