On Wed, May 20, 2009 at 5:43 PM, <per...@pluto.rain.com> wrote: > alexus <ale...@gmail.com> wrote: >> ... i guess my main concern it not to run it as root now > > AFAIK it is normal for a daemon to run as root if it expects to > receive login credentials: > > * For any but the most minimal authentication scheme, it must be > root to authenticate the credentials. (A scheme which enables an > untrusted program to authenticate login credentials is vulnerable > to brute-force attacks.) > > * Regardless of the authentication scheme, it must be root in > order to assume the identity of the newly logged in user. >
all my users are virtual users to begin with, so that's not really a concern, but i'd like to keep it running as non root thats for sure -- http://alexus.org/ _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"