[arch-dev-public] [signoff] pkgstats 2.1-1
Dieter Plaetinck
dieter at plaetinck.be
Mon Sep 13 09:18:02 EDT 2010
On Mon, 13 Sep 2010 13:32:50 +0200
Pierre Schmitz <pierre at archlinux.de> wrote:
> On Mon, 13 Sep 2010 13:22:03 +0200, Dieter Plaetinck
> > You can setuid the file and give it a specific owner, it will be
> > run as that user. If that's what you're asking.
>
> Yes, thought about that too. But: nobody shouldn't own any files;
> especially executables. And: afaik you cannot suid a shell-script. The
> script is not run, but the interpreter which then runs the script.
ah, right. is there a specific reason why nobody shouldn't own any
files?
> > Also, make sure we don't ddos ourselves.
>
> Well, collecting the data is not that expensive. But there is still
> some room to make it even cheaper if needed. But afaik weekly crons
> are not executed at the same milisecond and there are also different
> time zones and not every clock is in sync.
>
sure, just thought i would mention. At my previous company an
iphone-app developer built an app which automatically polled our
servers every x minutes, and we got a self-inflicted ddos when it went
live :)
Dieter
More information about the arch-dev-public
mailing list