Hi, You should each service running under a different user, each of these "service" users having only access to what it really needs: for instance having Tomcat running as a tomcat user , zope running as a zope user, ..... The reason for this is improved security, and it's really not overkilled (how many different daemons will you run on a machine?) You need to start the daemon as root only if it has to bind to a port under 1024. If, for instance, you configure tomcat to listen to port 8080, you don't (shouldn't) have to start it as root. There are a few services (for instance apache) that bind to port < 1024: some of them start as root to bind to the port and, as soon as it's done, they drop their privileges and use a "normal" user (on OpenSUSE, wwwrun for apache) I would not recommend to use the nobody user, unless you have to (samba, NFS, ...): better to use a normal, dedicated user with the least privileges Kind regards, Gaël N�����r��y隊Z)z{.�ﮞ˛���m�)z{.��+�Z+i�b�*'jW(�f�vǦj)h���Ǿ��i�������