On Thu, Jul 17, 2008 at 10:40 AM, Hugo Doria <hugodoria@xxxxxxxxx> wrote: > Thus this way snort can work out of the box with less privileges. > Anyone who wants can put snort to run with another user. > > And, in any case, this email was just a question. I don't see why people have such an issue with creating UIDs/GIDs out of the box. I don't have a problem with it, as long as we don't do it on every flippin package under the sun. Is it possible to use 'nobody' for snort, or is there a security risk there too?
