On Wed, May 20, 2009 at 5:43 PM,  <per...@pluto.rain.com> wrote:
> alexus <ale...@gmail.com> wrote:
>> ... i guess my main concern it not to run it as root now
>
> AFAIK it is normal for a daemon to run as root if it expects to
> receive login credentials:
>
> * For any but the most minimal authentication scheme, it must be
>  root to authenticate the credentials.  (A scheme which enables an
>  untrusted program to authenticate login credentials is vulnerable
>  to brute-force attacks.)
>
> * Regardless of the authentication scheme, it must be root in
>  order to assume the identity of the newly logged in user.
>

all my users are virtual users to begin with, so that's not really a
concern, but i'd like to keep it running as non root thats for sure

-- 
http://alexus.org/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to