[dns-operations] "freeware is a recipe for problems"

[Florian Weimer]

* Douglas Otis:

> There is a fair amount of effort attempting to make it more difficult
> for bad actors, once they find a means to escalate user privilege, to
> then locate code locations by things like ALSR (Address Space Layout
> Randomization).

This reference to ASLR is extremely odd in a DNS context.  At best,
ASLR turns code execution exploits into server crashes.  Does this
help?  In the DNS context, not that much.

> Maybe they are right. Perhaps it is better to not know what is lurking
> within a proprietary OS.

But that ship has sailed.  How many ISPs still run their DNS servers
on operating systems for which source code is not widely available?