Hi all,
what happens if i have a service running as root?
if it is exploited what would happen?
can a hacker actually becomes a hacker and screw up my whole box?
thanks
One of the dangers of running a daemon as root is that if a malicious user can cause the daemon to crash, it is possible to execute arbitrary code with the privileges of the user that runs the daemon. In the case of root this means there is a possibility of having complete control of the system. Many root-kits incorporate a compromise of a daemon that is used to install a root-backdoor which the attacker can then use to log in and gain a full system-level shell account.
If you run your daemon as a normal user, the attacker is limited by the permissions of that user. Run as nobody to give the least possible permissions. If you must have root to bind to ports less than 1024, drop privileges as soon as possible.