Code samples

Here are some unix services for hosting support. Ugly but practical, they've been run in production for years. These samples are totally unsupported and provided as-were. Though they may sound pretty insecure, potential damage is actually pretty well contained by the devilish details, ie. security is thought through and all input and usage patterns are restricted.

Services contain usage explanation. Code is mainly undocumented since I only got paid for the functionality.

All code here is created by Kalle Hallivuori and provided for free use under the GPL.

HostingMaster.tar.gz

• Purpose: let customers of hosting service independently but relatively safely configure their own parts of unix services
• Architecture: Client send command over TCP, daemon run external command, returns result
• Implementation languages: Perl, bash, unix commands
• Security:
  • Daemon runs as root
  • Digest-based password authentication
  • No internal traffic encryption; connections may be piped over SSL
  • Commands to run as root accepted from client according to (hopefully strict) regular expressions in configuration file
• Included in package: Daemon and command-line client; parts of web client; some command scripts
• Excluded from package: configuration; parts of web client; most command scripts

dnsconf.tar.gz

• Purpose: remote configuration of slave DNS server
• Architecture: Client sends an UDP packet, daemon modifies bind configuration accordingly
• Implementation languages: perl
• Security:
  • Daemon runs as root
  • Authorization is based purely on client IP address :D