File arpwatch-2.1a11-drop-privs-manpage.dif of Package arpwatch

--- a/arpwatch.8
+++ b/arpwatch.8
@@ -36,13 +36,16 @@ arpwatch - keep track of ethernet/ip add
 .I interface
-.ti +8
+.ti +9
 .B -n
 .IR net [/ width
 ]] [
 .B -r
 .I file
+] [
+.B -u
+.I username
@@ -94,10 +97,26 @@ of reading from the network. In this cas
 .B arpwatch
 does not fork.
+.B -u 
+flag is used, 
+.B arpwatch
+drops root privileges and changes user ID to
+.I username
+and group ID to that of the primary group of 
+.IR username .
+This is recommended for security reasons.
 Note that an empty
 .I arp.dat
 file must be created before the first time you run
-.BR arpwatch .
+.BR arpwatch . 
+Also, the default directory (where arp.dat is stored) must be owned
+.I username
+.BR -u
+flag is used.
 Here's a quick list of the report messages generated by
openSUSE Build Service is sponsored by