On Sun, Jan 30, 2011 at 05:22:39PM +0530, varad gupta wrote:
> Is it not a risk running master as root (the same reason for running
> other processes as unprivileged) ?
No, quite the opposite. It takes privileges to "drop" privileges. A well
designed system (such as Postfix) is *more* secure by in part using root
privileges to enable it to operate in multiple security contexts.
My short maxim for this is indebted to a marketing campaign:
http://en.wikipedia.org/wiki/Frank_Perdue
"it takes a tough man to make a tender chicken"
By which I mean that you sometimes need higher privileges to optimally
use lower privileges.
--
Viktor.
