--On Mittwoch, 19. Januar 2005 15:18 Uhr +1100 Alan Milligan <alan@balclutha.org> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
I have a requirement to run a root uid Z2 process and was most surprised to see that line 334 of Zope/Startup/__init__.py expressly forbids this, throwing a ZConfig.ConfigurationError
While it's not a good idea to configure Zope to run as root by default, isn't it completely fascist to disallow it altogether? Similarly, I'd now expect issues if I chose to attach a Z2 to a low port.
As far as I'm concerned, the account policy (and port too) is clearly defined by directives in zope.conf and should be honoured - clearly someone's consciously made these configuration changes and is thus fully accepting of their potential consequences.
How about relaxing this requirement?
There is zero need to relax this requirement. You only have to start Zope as root to get port 80 but it is in general not a good idea for *any* service to run as root for security reasons. So there is absolutely no reason to *not* changing the the uid of the process to a user with less permissions. -aj