Mailing List Archive

As long as you can open the console ports (be it local serial or TCP
connections or whatever) there should be no problem (I do a lot of my
testing by using my own account and not root). The only real reason
for conserver to run as root is for the low-numbered port. If you've
been running conserver as root and change to a non-root account (or
generically want to change from one account to the other), you'll need
to modify permissions on logfiles and such, but that's about it.

Other disadvantages? Just make sure you have a good startup script
that folks use religiously so things don't start as root (even for BSD
systems). If it creates a new logfile as root and then you re-run as a
non-root user you get into a small mess (not major, but annoying).
Other than that, I can't think of any.

Bryan

On Thu, Oct 25, 2001 at 09:07:29PM +0200, Jörgen Hägg wrote:
>
> Would there be any problem running conserver as a normal user
> instead of root?
> (Except for using a higher port number than 782 of course.)
>
> Something like having a 'conserver'-user belonging to the
> same group as the serial ports.
>
> Any other disadvantages?
> _______________________________________________
> users mailing list
> users@conserver.com
> https://www.conserver.com/mailman/listinfo/users

Ooops...as a friend just reminded me, the other potential issue is
reading shadow password files. If your system uses them and you use
'*passwd*' as the password entry in the conserver.passwd file, user
authentication will fail (since only root can read the shadow password
entries). To get around this, just put the encrypted password in the
conserver.passwd file. Some would say doing that decreases your
security (effectively no longer using shadow password files), but if
you're using the console client on another host, you have bigger
security concerns 'cause the passwords are going over the wire in the
clear. So, take it all with a grain of salt.

Bryan