If you use #ddclient for your #ddns, beware. In my Debian install, ddclient.conf had read access for all users, giving access to DDNS credentals to virtually all users.
Just so you realize how dangerous this is, anybody with access to a user account can change your A records and point them to their own servers, without you noticing. And all of this from a very simple API.