Memcache: configured to run as root

memcache is configured to use a root user. When a process runs under root by default, it has root permissions and so the risk levels are maximal. With 0day exploits, old exploits with old versions, vulnerabilities and more, these will translate to all-access elevated permissions on the side of the attacker, if you use a root user.

It is then a best practice to create and configure a minimal access user, and a user specific to each process that you run.

Problem

In memcached.conf:

-u root

Fix

In memcached.conf, create a minimal access user and configure:

-u user

See