On 11-Feb-2009, at 2:36 AM, W.C.A. Wijngaards wrote:
In 1.2.1 I added initgroups(3), so that it drops secondary group permissions.
Thanks for that!It might be even better to use setusercontext(3) instead on those platforms which have such a function (all the BSDs at least).
That way login.conf(5) could be used properly to set things like user resource limits for the process.
--
Greg A. Woods
<[email protected]>
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
