Running a Program As Root

When an application has been written to run as root, the Security Administrator role has three options (all of which should be assessed for consistency with the site's security policy):

If a real UID of root is not required, set up the application to run with an effective UID of root.
Otherwise, set it up with a real UID of root.
Find out what privileges the application needs and assign only the needed privileges, after determining that the application can use the privileges in a trustworthy manner.

Previous: Considering When to Add Privilege
Next: Cooperating to Create a Trusted Program