I’ve noticed that in the documentation of BIND9 it is mentioned that BIND should run as an unprivileged user on a live system that is connected to the web. When i check the running bind services with the terminal command, the user is ‘root’. But also, the services of brew are started as “brew service …” . Does the latter mean that all brew services are part of e.g. “the brew user” so like a sandbox, or are they run by the ‘root’ user. If so, that is dangerous.
envy3000 (Envy3000) #1
SMillerDev (Sean Molenaar) #2
It’ll run as the user executing the command.
brew service will start it as the current user,
sudo brew service will run it as root.