Principle of least privilege

- RDE does not need any special privileges
  - runs as _bgpd:_bgpd, chrooted to /var/empty
- SE: bind(2) to 179/tcp requires root
- parent needs root
  - modify the kernel routing table
  - IPsec flows
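
One common way to combine a root-only bind(2) with an unprivileged, chrooted process is to bind first and drop privileges immediately afterwards. The sketch below is an added example, not the daemon's own code: the helper names `bind_tcp` and `drop_privs` are hypothetical, and it assumes the process starts as root and that the `_bgpd` user and `/var/empty` exist.

```c
#define _GNU_SOURCE              /* setresuid/setresgid on Linux */
#include <sys/socket.h>
#include <netinet/in.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* Bind a TCP socket. Ports below 1024, such as 179, normally need root. */
int bind_tcp(unsigned short port)
{
    struct sockaddr_in sin = {0};
    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s == -1)
        return -1;
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_ANY);
    sin.sin_port = htons(port);
    if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) == -1) {
        close(s);
        return -1;
    }
    return s;
}

/* Become `user` inside chroot `dir` for good. Returns 0, or -1 on any failure. */
int drop_privs(const char *user, const char *dir)
{
    struct passwd *pw = getpwnam(user);  /* look up before chroot hides /etc */
    if (pw == NULL || chroot(dir) == -1 || chdir("/") == -1)
        return -1;
    /* Order matters: groups and gid first, uid last (root is needed until then). */
    if (setgroups(1, &pw->pw_gid) == -1 ||
        setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
        setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
        return -1;
    return setuid(0) == -1 ? 0 : -1;     /* regaining root must fail */
}

int main(void)
{
    /* Bind while still root, then drop; the bound socket stays open afterwards. */
    if (bind_tcp(179) == -1 || drop_privs("_bgpd", "/var/empty") == -1) {
        fprintf(stderr, "setup failed\n");
        return 1;
    }
    return 0;
}
```

Treat any failure in `drop_privs` as fatal: a process that continues after a failed drop is still running as root.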