"Hugo Doria" <hugodoria@xxxxxxxxx> writes: > IMHO, we have two options: > > 1) Create a "snort" user/group and provide a package with fewer > privileges by default (users can change that if they want) > 2) Run snort as "nobody" and put a message in snort.install showing > how to change the user/group that snort runs. > > I think the first option is better. I agree. Personally, I try to create a new user (and sometimes a chroot) for every publicly facing service that can be run as non-root. I think it would be awesome if more packages did this for me. I don't see the downside to having lots of users, supposing the mapping is clear.
