Package: llmnrd Version: 0.2.1-1 Severity: normal Dear Maintainer,
Please consider using the 'chuid' feature of start-stop-daemon in the provided init script to avoid having the daemon start up and run as root. The daemon itself has no support for dropping privilegies, it also has no reason to ever have any privilegies! In other words, it should not be started as root. Running a network facing daemon as root is really bad security practises. A simple solution to this problem might simply be to add "--chuid nobody" to your init scripts start-stop-daemon invocations to run as the nobody user. (Having a specific even more isolated user to run as could possibly be even better, but not sure it's worth all the effort to go through the procedure for a dynamically added system user and write maintainer scripts for handling the user.) Regards, Andreas Henriksson

