diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index a7cc385ca..3571c5902 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -1,4 +1,4 @@
-# Copyright (C) 2011-2018 Greenbone Networks GmbH
+# Copyright (C) 2011-2019 Greenbone Networks GmbH
 #
 # SPDX-License-Identifier: GPL-2.0-or-later
 #
@@ -183,7 +183,7 @@ install (FILES ${CMAKE_BINARY_DIR}/src/openvassd_log.conf
          DESTINATION ${OPENVAS_SYSCONF_DIR})
 
 install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
-         DESTINATION ${SBINDIR}
+         DESTINATION ${BINDIR}
          PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
                      GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
 
diff --git a/tools/greenbone-nvt-sync.in b/tools/greenbone-nvt-sync.in
index 4be25e315..a661852b2 100644
--- a/tools/greenbone-nvt-sync.in
+++ b/tools/greenbone-nvt-sync.in
@@ -160,6 +160,19 @@ get_feed_info ()
   fi
 }
 
+# Prevent that root executes this script
+if [ "`id -u`" -eq "0" ]
+then
+  stderr_write "$0 must not be executed as privileged user root"
+  stderr_write
+  stderr_write "Unlike the actual scanner the sync routine does not need privileges."
+  stderr_write "Accidental executation as root would prevent later overwriting of"
+  stderr_write "files with a non-privileged user."
+
+  log_err "Denied to run as root"
+  exit 1
+fi
+
 # Always try to get the information when started.
 # This also ensures variables like FEED_PRESENT are set.
 get_feed_info