alexus <ale...@gmail.com> wrote:
> ... i guess my main concern it not to run it as root now

AFAIK it is normal for a daemon to run as root if it expects to
receive login credentials:

* For any but the most minimal authentication scheme, it must be
  root to authenticate the credentials.  (A scheme which enables an
  untrusted program to authenticate login credentials is vulnerable
  to brute-force attacks.)

* Regardless of the authentication scheme, it must be root in
  order to assume the identity of the newly logged in user.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to