by diggan 3042 days ago
npm should never interact with hardware, its job is to install and manage packages. I could understand that you have to run nodejs with root, since it actually can use the hardware.

But using npm with root user? I can't think of a single use case.

2 comments

I am not a node guy but as far as I understand nodejs is a webserver, no? _Never_ run any webserver as root. This is just bad practice.
No, Node is a runtime for JavaScript code, using the same V8 engine from the Chrome browser. It is similar to the JVM runtime for Java code and the CLR for C#, although of course there is no intermediate compilation step for JavaScript.

A webserver is one of many things that can be run using Node+JS, the point being that it's an entire runtime and can do pretty much anything any other language can do.

Well, think harder. Npm runs scripts from package.json. Most folks wouldn't think twice to run `sudo npm start` as a replacement for `sudo node`. I sure wouldn't think npm would start mucking with file permissions.
I'm sorry but that people can't figure out where to put `sudo` is not a use case for using sudo...

Instead of running `sudo npm start`, have `scripts.start` have the value `sudo node index.js` if you want.

But then again, I'm not "most folks", I try to think when I am the root user and don't run third-party code willy-nilly when I am.
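
Added example, not part of any comment in the thread: a small Node script that lists which `package.json` commands `npm <script>` would execute and whether they would inherit root, contrasting `sudo npm start` with putting `sudo` inside `scripts.start`. The sample manifest and the function names are constructed for illustration; only npm's documented `pre<name>` / `<name>` / `post<name>` ordering is modelled.

```javascript
// Added example (not from the thread). Models only npm's pre/<name>/post hook order.

// Return the commands npm would run, in order, for `npm <name>` / `npm run <name>`.
function commandsFor(pkg, name) {
  const scripts = (pkg && pkg.scripts) || {};
  const plan = [];
  for (const hook of [`pre${name}`, name, `post${name}`]) {
    const command = scripts[hook];
    if (typeof command === 'string' && command.trim() !== '') {
      plan.push({ hook, command });
    }
  }
  return plan;
}

// Summarise what an invocation with the given effective UID would do.
function audit(pkg, name, euid) {
  const plan = commandsFor(pkg, name);
  return {
    plan,
    // Every hook inherits the caller's privileges, not just the one you had in mind.
    runsAsRoot: euid === 0 && plan.length > 0,
    // Hooks that raise privileges themselves, so npm itself can stay unprivileged.
    selfEscalating: plan
      .filter((step) => /(^|[;&|]\s*)sudo\s/.test(step.command))
      .map((step) => step.hook),
  };
}

// Constructed sample manifest: `start` escalates on its own, `prestart` does not.
const samplePkg = {
  name: 'demo',
  scripts: {
    prestart: 'node tools/prepare.js',
    start: 'sudo node index.js',
    test: 'node test.js',
  },
};

// process.geteuid is unavailable on Windows; -1 stands for "unknown" here.
function currentEuid() {
  return typeof process.geteuid === 'function' ? process.geteuid() : -1;
}

console.log(JSON.stringify(audit(samplePkg, 'start', currentEuid()), null, 2));
```

Run under `sudo`, the report shows `prestart` executing as root as well, which is the part that is easy to overlook when `sudo npm start` is used as a stand-in for `sudo node`.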