Changeset View
Changeset View
Standalone View
Standalone View
head/dns/powerdns-recursor/files/extrapatch-setuid
--- pdns_recursor.cc.orig 2017-01-17 02:48:30 UTC | --- pdns_recursor.cc.orig 2017-12-11 13:13:52.274237000 +0100 | ||||
+++ pdns_recursor.cc | +++ pdns_recursor.cc 2017-12-11 13:18:42.339569000 +0100 | ||||
@@ -2969,8 +2969,8 @@ int main(int argc, char **argv) | @@ -3325,8 +3325,8 @@ | ||||
::arg().set("disable-syslog","Disable logging to syslog, useful when running inside a supervisor that logs stdout")="no"; | ::arg().set("log-timestamp","Print timestamps in log lines, useful to disable when running with a tool that timestamps stdout already")="yes"; | ||||
::arg().set("log-common-errors","If we should log rather common errors")="no"; | ::arg().set("log-common-errors","If we should log rather common errors")="no"; | ||||
::arg().set("chroot","switch to chroot jail")=""; | ::arg().set("chroot","switch to chroot jail")=""; | ||||
- ::arg().set("setgid","If set, change group id to this gid for more security")=""; | - ::arg().set("setgid","If set, change group id to this gid for more security")=""; | ||||
- ::arg().set("setuid","If set, change user id to this uid for more security")=""; | - ::arg().set("setuid","If set, change user id to this uid for more security")=""; | ||||
+ ::arg().set("setgid","If set, change group id to this gid for more security")="pdns"; | + ::arg().set("setgid","If set, change group id to this gid for more security")="pdns"; | ||||
+ ::arg().set("setuid","If set, change user id to this uid for more security")="pdns_recursor"; | + ::arg().set("setuid","If set, change user id to this uid for more security")="pdns_recursor"; | ||||
::arg().set("network-timeout", "Wait this nummer of milliseconds for network i/o")="1500"; | ::arg().set("network-timeout", "Wait this number of milliseconds for network i/o")="1500"; | ||||
::arg().set("threads", "Launch this number of threads")="2"; | ::arg().set("threads", "Launch this number of threads")="2"; | ||||
::arg().set("processes", "Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)")="1"; // if we un-experimental this, need to fix openssl rand seeding for multiple PIDs! | ::arg().set("processes", "Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)")="1"; // if we un-experimental this, need to fix openssl rand seeding for multiple PIDs! |