Kerberos as non-root

Sam Hartman hartmans at MIT.EDU
Thu Oct 3 05:05:01 EDT 2002

>>>>> "David" == David E Cross <crossd at> writes:

    David> I am considering making a very *very* simple change to the
    David> KDC/kadmind as follows: start as root, bind any resources
    David> (files, network ports, etc).

This at firsct glance seems like a reasonable thing to want to do.
You'd probably want to make it configurable at runtime.  You should
also be aware that there are several situations where people run KDCs
as non-root when not using privileged ports--often for debugging.
Please do not break this.

More information about the krbdev mailing list