[Dnsmasq-discuss] command on DHCP release
Luca Landi
me@lucalandi.com
Mon, 2 May 2005 23:54:12 +0200
hai scritto:
> There was a patch submitted here a month or so ago which did this (and
> more - it calls out on every lease state change.)
>
> One reason I'm equivocating about adding it to the dnsmasq mainline is
> that it requires dnsmasq to run as root in order that the external
> command can also run as root.
Yes that's true, but to work around that you might use a thing like sudo.
However there might be other usages for that feature which don't need root
privileges.
> Do you gain more
> security from your dynamic firewall rules that you lose from having a
> network-exposed daemon running as root rather than as nobody.
Well, let's say that I trust you being able to write bug-free code! :-)