Hello,

the problem of the root access usually comes into play when your site gets
hacked (or if you don't trust the framework written by someone else, which
is not always a bad idea). Up until then, you can safely run your
application under root privileges.

When your site gets hacked, the main goal is to reduce the attacker's
playground. If the attacker gets in with the user's password, it can do
anything. If sudo is configured so that it doesn't even ask for a password,
it's even worse.

All in all, the best thing is to prepare for the worst case scenario.
Assume that the attacker is already on the computer. Make his place as
small as possible.

Best,
Gergely
On 14 Jun 2015 20:50, "Paul Koepke" <[email protected]> wrote:

> I'm running a Django app using uWSGI and nginx. I already saw in the uWSGI
> documentation that I should not run uWSGI as root. But does it matter if
> the user I run uWSGI has sudo access? Should I try to use a user that is
> not a sudoer or does it not really matter?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/7b28bd49-a1df-428a-b828-a085662100a1%40googlegroups.com
> For more options, visit https://groups.google.com/d/optout.
>
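
Added example, not part of the original messages: one way to check the account uWSGI runs under for the cases discussed above (uid 0, sudo rights, passwordless sudo). The account names, the sample passwd/group/sudoers text and the function names are constructed for illustration, and the sudoers handling is an assumption-level simplification that does not resolve aliases or included files.

```python
# Constructed sample data; "deploy" and "webapp" are hypothetical accounts.
PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "deploy:x:1000:1000::/home/deploy:/bin/bash\n"
    "webapp:x:998:998::/srv/webapp:/usr/sbin/nologin\n"
)
GROUP = "sudo:x:27:deploy\ndeploy:x:1000:\nwebapp:x:998:\n"
SUDOERS = (
    "# constructed sudoers fragment\n"
    "Defaults env_reset\n"
    "root ALL=(ALL:ALL) ALL\n"
    "%sudo ALL=(ALL:ALL) NOPASSWD: ALL\n"
)


def user_groups(user, passwd, group):
    """Return (uid, set of group names) for user, or None if the account is absent."""
    rec = next((f for f in (l.split(":") for l in passwd.splitlines()) if f[0] == user), None)
    if rec is None:
        return None
    uid, gid = rec[2], rec[3]
    names = set()
    for line in group.splitlines():
        name, _pw, g, members = line.split(":")
        # Primary group matches by gid, supplementary groups by member list.
        if g == gid or user in members.split(","):
            names.add(name)
    return uid, names


def audit_service_user(user, passwd, group, sudoers):
    """List reasons this account gives an intruder more than the app's own files."""
    info = user_groups(user, passwd, group)
    if info is None:
        return ["account not found"]
    uid, groups = info
    findings = ["runs with uid 0"] if uid == "0" else []
    for line in sudoers.splitlines():
        fields = line.split()
        # Skip blanks, comments and Defaults; aliases and includes are NOT resolved.
        if not fields or fields[0].startswith("#") or fields[0].startswith("Defaults"):
            continue
        who = fields[0]
        if who in (user, "ALL") or (who.startswith("%") and who[1:] in groups):
            findings.append("sudo rule: " + line.strip())
            if "NOPASSWD:" in line:
                findings.append("sudo without password")
    return findings
```

An empty result for the uWSGI account is the target state; on a real host, feed it the contents of `/etc/passwd`, `/etc/group` and the sudoers files, and confirm with `sudo -l -U <user>`.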
