[Fedora-directory-users] run as root? newb question
Pete Rowley
prowley at redhat.com
Fri Sep 15 20:40:11 UTC 2006
Scott Roberts wrote:
> New to linux and was wondering what is the best
> practice for choosing a user and group for running
> applications? Is running an app as root the normal
> thing to do?
no
> Is running apps as root a bad thing?
yes
> Huge
> security risk?
yes
> Sorry for the stupid question but have
> seen different docs saying what to run a directory as.
> The RH docs say if you want to run directory on
> default ports run as root. Thats what I plan to do.
>
>
This refers to starting the DS, but the DS is configured to run as
another user/group. When the DS starts up it opens the ports it
requires and then changes to the configured user/group in order that
under normal running conditions it has a lower security profile.
Starting the DS as root is required to open ports 389 and 636, the
designated LDAP and LDAPS ports, but please do configure the server to
switch to a user/group which you have created specifically for the DS.
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060915/103732c7/attachment.bin>
More information about the Fedora-directory-users
mailing list