On 7 September 2016 at 12:15, Robert Haist <rha...@mailbox.org> wrote: > Package: suricata > Version: 3.1.1-4 > > It might be a security improvement to let suricata run with non-root > privileges and a special permission for the provided capture modes. Running > as root might be a problem if a protocol parser or some other input-dependant > code is exploitable. >
I agree. I don't know right now how to achieve this change, I will investigate. best regards. -- Arturo Borrero González