[wplug] Running Processes as non-root user

Brian A. Seklecki lavalamp at spiritual-machines.org
Wed May 3 20:56:03 EDT 2006


> The complexity depends on how complete an environment your jailed
> process requires.  There's a Linux HOWTO on setting up a chroot
> jail for BIND that might be a good starting point.

Also, try to grasp a good understanding of the difference between
programs that 1) run natively as a non-root user (databases, not
privileged TCP ports) 2) start as root then change user to a non-root
user after establishing file handles and opening ports (BIND, etc.) and
3) programs that run privilege-separated 


~BAS



More information about the wplug mailing list