[Zope-dev] root ZServer
kosh at aesaeion.com
Wed Jan 19 00:34:53 EST 2005
On Tuesday 18 January 2005 9:18 pm, Alan Milligan wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I have a requirement to run a root uid Z2 process and was most surprised
> to see that line 334 of Zope/Startup/__init__.py expressly forbids this,
> throwing a ZConfig.ConfigurationError
> While it's not a good idea to configure Zope to run as root by default,
> isn't it completely fascist to disallow it altogether? Similarly, I'd
> now expect issues if I chose to attach a Z2 to a low port.
> As far as I'm concerned, the account policy (and port too) is clearly
> defined by directives in zope.conf and should be honoured - clearly
> someone's consciously made these configuration changes and is thus fully
> accepting of their potential consequences.
> How about relaxing this requirement?
Why would you need to run zope as root? You can start it as root so it can
bind to a low numbered port and then it will switch to a less privelaged user
for its normal operations. I can't think of a good reason right now for why a
network service should be run as the root user.
More information about the Zope-Dev