search

rafaeljusto / shelter

Program to periodically validate and alert domains about DNS or DNSSEC misconfiguration
GNU General Public License v2.0
8 stars 3 forks source link

Run as non-root #114

Open rafaeljusto opened 10 years ago

rafaeljusto commented 10 years ago

For security reason we should drop the privileges after catching all the necessary resources.

rafaeljusto commented 10 years ago

https://groups.google.com/forum/#!topic/golang-nuts/IpfEDBVSE34

rafaeljusto commented 10 years ago

http://code.google.com/p/go/issues/detail?id=1435#c42 http://man7.org/linux/man-pages/man7/capabilities.7.html

rafaeljusto commented 10 years ago 
setcap CAP_NET_BIND_SERVICE shelter