is it safe to run net/haproxy as root?
Mark Felder
feld at FreeBSD.org
Thu Apr 9 14:05:27 UTC 2015
On Thu, Apr 9, 2015, at 08:26, Mark Martinec wrote:
>
> Perhaps the haproxy port maintainer can be persuaded to assign
> some account entry for this purpose.
>
This wouldn't be a perfect solution. If you're going to be proxying port
80 and 443 you need to initially run as root, but perhaps by default in
the config file we could drop privs to the haproxy user?
Sounds like we need some better documentation on best practices, too.
More information about the freebsd-ports
mailing list