On Thu, Jan 15, 2009 at 11:16:52PM +0000, martin f krafft wrote: > reopen 500806 > retitle 500806 nsdc should drop privileges when invoked as root > severity 500806 wishlist > thanks > > also sprach Pierre Habouzit <madco...@debian.org> [2009.01.16.0222 +1300]: > > Nope, you're the one being wrong, you should not run nsdc as root, > > unless you're starting nsd. > > > > You should do : su -c nsd nsdc rebuild > [...] > > You knew you had it coming: > > Since I do not have to su for running postfix flush or reload, and > I do not have to su to run rndc and I do not have to su to run > apache2ctl, it only seems reasonable that nsdc should handle this > itself: please make it drop privileges when invoked as root.
Have you ever used inn2 ? Because it has substantially the very same problem. My problem is, the user can change username from /etc/nsd3/nsd.conf to change the user nsd is running under, and it's rather "hard" to parse from nsdc (which is pure sh scripting). .... except that: $(nsd-checkconf -o username /etc/nsd3/nsd.conf) is what I want. ... ... okay I'll provide a patch then -- ·O· Pierre Habouzit ··O madco...@debian.org OOO http://www.madism.org
pgpPJnWki2YXH.pgp
Description: PGP signature
