configure --help tells you:
--enable-user=ARG user to run zebra suite as (default zebra)
--enable-group=ARG group to run zebra suite as (default zebra)


but why would you want to run it as root if you can run it as a normal
user!?

Regards,

Teun Vink
Luna.nl NOC

any exploits means the attacker gets root privileges?

regards,

because you start it up as root so that it can set things up so as to
allow it to temporarily change back to root for those times it needs
to. in normal operation it runs as something else.

on linux, with libcap installed, it will use capabilities instead,
and drop all capabilities, only retaining the few it needs in its
permitted set. under normal operation it runs non-root,
no-capabilities. temporarily raising the few capabilities it needs as
required.

regards,

yes.
absolutely.

the linux capabilities stuff is the most secure - as it retains the
fewest privileges for an attacker to try regain.

the other platforms, well an exploit can indeed raise privileges to
root again.

though, it does make it slightly more difficult for an exploit to
raise privileges and actually still exploit the code further though.
on systems with non-executable stacks exploiting zebra while raising
privileges and actually doing something else becomes yet more
difficult.

NB: there is a possibility that there are exploits in the wild for
zebra. (no idea whether it is true, and if so, which versions and
whether it applies to quagga too).
regards,

Now, why on earth would you want to throw away the nice security features
that running as something OTHER than root provide? While there have not -
to date - been any security flaws related to Zebra/Quagga, that doesn't
mean that there isn't something that has not been found.

If, for some reason, someone is able to get Zebra/Quagga to crush in a
specific way, they could potentially end up with root privs on your
box. They're going to get the privs of the program they crush.

What is so hard about typing "adduser zebra"?