From 31f7cc79843fccc650b17f89e42cc7c4f9037323 Mon Sep 17 00:00:00 2001
From: Job Snijders <job@instituut.net>
Date: Tue, 14 Nov 2017 11:05:46 +0100
Subject: [PATCH] Emphasize when privileges are dropped

---
 pdns/dnsdistdist/docs/running.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/pdns/dnsdistdist/docs/running.rst b/pdns/dnsdistdist/docs/running.rst
index bbcda3947..daf58e2a9 100644
--- a/pdns/dnsdistdist/docs/running.rst
+++ b/pdns/dnsdistdist/docs/running.rst
@@ -30,6 +30,7 @@ These commands can be copied to the configuration file, should they need to pers
 Running as unprivileged user
 ----------------------------
 
-:program:`dnsdist` can drop privileges using the ``--uid`` and ``--gid`` command line switches to ensure it does not run with root privileges after binding its listening sockets.
+:program:`dnsdist` can drop privileges using the ``--uid`` and ``--gid`` command line switches to ensure it does not run with root privileges.
+Note that :program:`dnsdist` drops its privileges **after** parsing its startup configuration and binding its listening and initial :func:`newServer` sockets as user `root`.
 It is highly recommended to create a system user and group for :program:`dnsdist`.
 Note that most packaged versions of :program:`dnsdist` already create this user.
-- 
2.40.0