Don't run chronyd as root
- * The chronyd NTP daemon runs as root by default. If chrony is compiled with support for libcap it has the capability to drop privileges to a non-root user. This highly increases security and thus I would suggest that the chrony APKBUILD adds a chrony user by default and configures the package with ‘—with-user=chrony’.
See also: http://chrony.tuxfamily.org/faq.html\#\_how\_can\_i\_make\_chronyd\_more\_secure.
(from redmine: issue id 4462, created on 2015-07-22, closed on 2015-12-15)
- Changesets:
- Revision 4311f61b on 2015-08-10T08:50:21Z:
main/chrony: don't run chronyd as root
fixes #4462