Greetings all,

Apologies that I have not posted anything in the past couple of days, things have been quite hectic.

I have noticed that a number of people on the zencash slack and discord are running their nodes or have been advised to run their software with elevated privileges, this is not recommended.

I cannot stress this enough. Do not use sudo to run your tracker software or your zend daemon or any other software with elevated privileges.

"Sudo stands for either "substitute user do" or "super user do" (depending upon how you want to look at it). What sudo does is incredibly important and crucial to many Linux distributions. Effectively, sudo allows a user to run a program as another user (most often the root user)." (source: https://www.linux.com/learn/linux-101-introduction-sudo )

"Avoid running applications as root whenever possible. When an application is running as the root user that application has the ability to control your server. If an attacker gains control of that application then they can perform any task they want on your server, if you are running SELinux there is an additional security control; but even then an application that runs as root can potentially disable all of your additional security controls." (source: http://bencane.com/2012/02/20/why-you-should-avoid-running-applications-as-root/)

Applications that are run using sudo will not only create files that will be owned by root, but will also expose the system to some serious security vulnerabilities. Take for example you install Chrome, and it had a vulnerability where it allowed a malicious script to be executed, if you are running Chrome using sudo, that script will be able to run as root. Something you most definitely do not want!!

While there are circumstances where you need to run applications or services using sudo, these should be limited in scope.

If you have already git clone the tracker using sudo, or for any other directory or file you can use the following to re-assign the permissions to the standard user (Note: Replace username with your username):

Directory and Files

sudo chown -R username: directory

Directory only

sudo chown username: directory

Files only

sudo chown username: <file>

Please ensure you do use the : after the username. This will add the default group for that user.

I hope this helps you and should you have any questions please contact me on the zencash slack/discord/irc or in the comments below.