Subject: Re: BIND 9.1.0 and unproven-pthreads-0.17nb1
To: None <mipam@ibb.net>
From: Robert Elz <kre@munnari.OZ.AU>
List: netbsd-help
Date: 02/01/2001 23:10:39
    Date:        Thu, 1 Feb 2001 09:59:06 -0500
    From:        Mipam <mipam@ibb.net>
    Message-ID:  <20010201095906.B4194@bootp-20-219.bootp.virginia.edu>

  | but then it would be nice to take precautions,
  | such as running in a chrooted env as unprivileged user,

That's good advice.

  | and to disable chaos info being spread out to ppl who query it for example.
  | That way, when there'll be again an exploit found,
  | it should have less impact.

But that isn't.

I'm not against disabling the VERSION.BIND stuff in the chaos class,
that's rubbish - but don't for a second think that by doing so you're
any less likely to be vulnerable to a future exploit - you aren't.
(except in the one in a hundred billion chance that the 10 lines or
so of the VERSION.BIND handling code is the source of the problem).

kre