[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-gnu-radius] Are there good reasons for running radiusd as user 'roo

From: Maurice Makaay
Subject: [Bug-gnu-radius] Are there good reasons for running radiusd as user 'root'?
Date: Mon, 10 Nov 2003 23:58:28 +0100


I have written a wrapper script to startup my radiusd as the user and group
radius/radius. This all seems to work OK. Now I'm wondering: are there
any good reasons for running the radiusd as user 'root'? We have of
course the configuration directive 'exec-program-user', but the only
affects externally running programs. If we startup radiusd as a safe user
in the first place, there would be no need for switching to another user.
Of course there are situations where someone may want the server to run as
root and external programs as a safe user, but I'm sure there are a lot
of people who'd like the idea of running radiusd itself as a safe user.
My policy always is: drop root privileges whenever possible.

What I would like to see in radiusd (if it makes sense not to
run the program as 'root') is a patch to be able to configure the user
and group you want to run the program as. Let me know if you want me
to do a proposal for such a patch. 


-- Maurice Makaay

reply via email to

[Prev in Thread] Current Thread [Next in Thread]