[Dnsmasq-discuss] command on DHCP release
Wed, 4 May 2005 00:31:44 +0200
Simon Kelley ha scritto:
> Every potential addition is a judgement call between useful extra stuff
> and bloat. In my experience, running shells to "do stuff" is never that
> satisfactory, it's also terifyingly easy to get parameter escaping or
> environment stuff wrong and allow arbitrary command execution.
I quite disagree on the "never satisfactory" thing: in general I can't see
anything really simpler and more straightforward to get the job done than
running a good old shell script to configure things. Regarding security, in
general I much agree with you but I disagree with your strong adjectives:
secure programming is always possible, certainly difficult but still
possible. Later in your message you mention dbus: IMHO that is fairly
contraddicting with respect to security because difficulty of secure
programming usually is very related to complexities and introducing dbus
introduces complexities also into dnsmasq (don't know, just supposing).
Anyway I understand that you are not undecided as the "equivocating" verb
you used in your previous message made me think (or maybe I just
misinterpreted it due to the Italian meaning of that verb...) so I won't
bother you further.
> An alternative that I'm thinking about is DBus:
> www.freedesktop.org/Software/dbus which is a lightweight IPC system
> expressly designed for integrating daemon-like software components on
> Unix systems. I already have libdbus patched into the initialisation and
> event-loop code in dnsmasq, and DBus methods to set the upstream
Ideally sounds cool, but I wonder whether it would actually suit an embedded
system. I mean: another thing to compile, deploy, make room for in memory
and storage... Don't know, seems a bit oversized for what dnsmasq is meant
to be. But you seem to really "striding" toward it so what do you think
about adding methods to also manipulate the internal cache? recently I'd
have loved to have the possibility to "hotplug" (add/remove) entries in the
cache at my will.
> Maybe that could be extended for DHCP lease status changes?
Can well be, but in order for it to make sense I think we'd need yet another
daemon (to compile, deploy, etc.) waiting for those messages on the dbus.
And what would that daemon possibly do on each received message? as long as
all (or at least most of) other daemons, utilities, tools, etc. normally
present even in the leanest system won't be dbus-aware that daemon would
probably end up running a shell script, so you may have pushed many
security concerns away from dnsmasq (which is certainly good since, as you
said, dnsmasq is directly exposed by definition while dbus is not) but
added general complexity to the overall operating system. And all this only
to "do stuff" which most of times is very simple and quick? at a first
glance to me it does not worth the while.
All this is just my 2 cents :-)