9.1.14.3. Least Privilege¶
The stunnel service runs under the stunnel
user and stunnel
group. This allows
directory permissions to limit the service’s access to files/directories not
owned by the stunnel
user/group. The stunnel user does not have a valid login
shell.
References: AC-6 : LEAST PRIVILEGE