Am 30.05.2014 18:52, schrieb Wietse Venema: > li...@rhsoft.net: >> /** drop privileges to 'nobody' */ >> if(!@posix_setgid(99) || !@posix_setuid(99)) > > PHP, eh?
yes, simply because it's the language i know to handle perfectly and the database insert / update is done within a few minutes after the next beer :-) from that moment on, well, it can start collect and the decision which DNS server and how to feed it with the data follows later > You also need to drop "secondary groups". On UNIX, that's > done with setgroups() or initgroups(), before dropping > root privileges thanks for the hint, looks not that it's supported http://www.php.net/manual/en/book.posix.php on the other hand that machine is stripped down as well as the service-script don't have much code or handles any user input at all becaue the remote-ip don't come from the client and after have that in a var the connection is dropped
