The lpd server is started at
system initialization time and initially runs as ROOT
(Effective UID 0). It
performs all file and other operations with non-privileged user
daemon Effective UID and group daemon Effective GID, and does a setuid()
to these UID and GID values when
running programs. The client programs such as lpr operate with the effective user IDs of
the user which started them.
Most UNIX systems already have user daemon and group daemon, or a similar ones. If suitable user and group IDs are not present then the appropriate system administration tools should be used to create them. The configuration --with-userid=UID and --with-groupid=GID can be used to specify the user and group IDs. The user ID must not have login capability.