Should I install and/or run Node-RED with an admin account? (SUDO)

You MAY install Node-RED using elevated privileges (e.g. using sudo on a Linux system) - this is generally required if installing as a "global" node-red install -g ..... Which many people do.

You should NOT run Node-RED using a privileged account (e.g root on Linux systems). Since this is very insecure and will also almost certainly cause you many issues later on.

For a low security installation, you might install globally using elevated privileges and run using the same account as you usually log in with.

For a production system, it is better to install into a local folder under a dedicated user id and group which you use to run the service. This makes it easier to keep Node-RED isolated from the rest of the server and is the same approach used for web servers and other microservice architectures.

For even higher security, consider installing locally using a semi-privileged account and run using a low-privilege account. This helps ensure separation of the service from the OS and separation of what a user can do from the service.


This topic was automatically closed after 30 days. New replies are no longer allowed.