what i really want to talk
about is: how to get people to upgrade their software when defects
sending out announcements through CERT and the bind-announce m/l
I seems to me that you are assuming that the problem is not enought
information gets to system admins... that may be the case in some
instances, but it is my belief that the majority of the cases have to
do with the fact that systems are not administered.
i.e. they where setup once and there are assumed to be running without
need for maintenance. imho, this is a very reasonable expectation...
unfortunatly most software is not really up to what people expect in
If you want to address this issue my suggestion would be to make BIND
automatically update itself... and option that needs to default to ON
and that can be disabled in managed systems where admins are expected
to read CERT and act upon it.
This is sort of the direction other systems are taking... microsoft,
which is quite competent on the consumer market, tends to have this
automated update tools that can be turned off but are a pain to do
so. The result is imperfect but imho better than what would be without
I'm afraid that BIND is currently a consumer tool also and that you
should not expect an administrator to be present, even if someone was
around to initialy setup the system.