[Dnsmasq-discuss] command on DHCP release

Luca Landi me@lucalandi.com
Mon, 2 May 2005 23:54:12 +0200


hai scritto:
> There was a patch submitted here a month or so ago which did this (and 
> more - it calls out on every lease state change.)
> 
> One reason I'm equivocating about adding it to the dnsmasq mainline is 
> that it requires dnsmasq to run as root in order that the external 
> command can also run as root.

Yes that's true, but to work around that you might use a thing like sudo. 
However there might be other usages for that feature which don't need root 
privileges.

> Do you gain more 
> security from your dynamic firewall rules that you lose from having a 
> network-exposed daemon running as root rather than as nobody.

Well, let's say that I trust you being able to write bug-free code! :-)