diff --git a/README.md b/README.md index 70daa04d..7cb30309 100644 --- a/README.md +++ b/README.md @@ -196,6 +196,10 @@ $ pm2 start app.json # Start processes with options declared in a $ pm2 start app.js -i max -- -a 23 # Pass arguments after -- to app.js $ pm2 start app.js -i max -e err.log -o out.log # Will start and generate a configuration file + +$ pm2 --run-as-user foo start app.js # Start app.js as user foo instead of root (pm2 must be running as root) + +$ pm2 --run-as-user foo --run-as-group bar start app.js # Start app.js as foo:bar instead of root:root (pm2 must be running as root) ``` For scripts in other languages: diff --git a/bin/pm2 b/bin/pm2 index 989d4d4f..72f1ea92 100755 --- a/bin/pm2 +++ b/bin/pm2 @@ -39,6 +39,8 @@ commander.version(pkg.version) function(val) { return val.split(' '); }) + .option('--run-as-user ', 'The user or uid to run a managed process as') + .option('--run-as-group ', 'The group or gid to run a managed process as') .usage('[cmd] app'); commander.on('--help', function() { diff --git a/lib/CLI.js b/lib/CLI.js index 9a17c323..656c465e 100644 --- a/lib/CLI.js +++ b/lib/CLI.js @@ -46,6 +46,10 @@ CLI.startFile = function(script) { appConf['merge_logs'] = true; if (commander.watch) appConf['watch'] = true; + if (commander.runAsUser) + appConf['run_as_user'] = commander.runAsUser; + if (commander.runAsGroup) + appConf['run_as_group'] = commander.runAsGroup; if (commander.executeCommand) appConf['exec_mode'] = 'fork_mode'; diff --git a/lib/ProcessContainer.js b/lib/ProcessContainer.js index c44c33b0..cc133244 100644 --- a/lib/ProcessContainer.js +++ b/lib/ProcessContainer.js 
@@ -37,6 +37,16 @@ require('coffee-script/register'); if (process.env.name != null) process.title = 'pm2: ' + process.env.name; + // if we've been told to run as a different user or group (e.g. because they have fewer + // privileges), switch to that user before importing any third party application code. + if (process.env.run_as_group) { + process.setgid(process.env.run_as_group); + } + + if (process.env.run_as_user) { + process.setuid(process.env.run_as_user); + } + exec(script, outFile, errFile); if (cronRestart) @@ -133,6 +143,7 @@ function exec(script, outFile, errFile) { process.exit(cst.CODE_UNCAUGHTEXCEPTION); }, 100); } + }); // Get the script & exec
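Review bot: The privilege drop added before `exec(script, outFile, errFile)` changes the primary gid and the uid but never resets the supplementary group list, so a child started from a root pm2 still carries root's supplementary groups after `process.setuid`. Add `process.setgroups([]);` (or `process.initgroups(process.env.run_as_user, process.env.run_as_group);` when both values are set) before `process.setuid`, while the process is still privileged. When only `run_as_user` is set the gid is left untouched, so the app keeps the primary group pm2 was started with (root's, given the README precondition), which does not match the README's "as user foo instead of root". Either require `run_as_group` whenever `run_as_user` is given (the `CLI.startFile` hunk in lib/CLI.js is one place to enforce that) or refuse to start. The setgid-before-setuid order is right and deserves a comment such as `// gid first: once the uid is dropped we may no longer change groups`; both calls throw on an unknown name or a non-root pm2, and how that exception is reported lies outside this hunk, as does the rest of the enclosing block.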