Since RubyDNS will often bind to privileged port 53, it will be run as root. Ideally it will drop after binding.
http://timetobleed.com/5-things-you-dont-know-about-user-ids-that-will-destroy-you/
uid = Etc.getpwnam("nobody").uid
Process::Sys.setuid(uid)Pseudocode:
RubyDNS.run_server(INTERFACES, user: 'nobody') do
...
end
Since RubyDNS will often bind to privileged port 53, it will be run as root. Ideally it will drop after binding.
http://timetobleed.com/5-things-you-dont-know-about-user-ids-that-will-destroy-you/
Pseudocode: