diff --git a/dnsmasq/dnsmasq.c b/dnsmasq/dnsmasq.c
index 54a47da85..390eaad8e 100644
--- a/dnsmasq/dnsmasq.c
+++ b/dnsmasq/dnsmasq.c
@@ -570,7 +570,7 @@ int main_dnsmasq (int argc, char **argv)
 }
 }
- FTL_fork_and_bind_sockets();
+ FTL_fork_and_bind_sockets(ent_pw);
 log_err = log_start(ent_pw, err_pipe[1]);
diff --git a/dnsmasq_interface.c b/dnsmasq_interface.c
index 4607ed500..df1e9a8ce 100644
--- a/dnsmasq_interface.c
+++ b/dnsmasq_interface.c
@@ -867,7 +867,7 @@ pthread_t socket_listenthread;
 pthread_t DBthread;
 pthread_t GCthread;
-void FTL_fork_and_bind_sockets(void)
+void FTL_fork_and_bind_sockets(struct passwd *ent_pw)
 {
 if(!debug && daemonmode)
 go_daemon();
@@ -919,6 +919,16 @@ void FTL_fork_and_bind_sockets(void)
 logg("Unable to open GC thread. Exiting...");
 exit(EXIT_FAILURE);
 }
+
+ // Chown files if FTL started as user root but a dnsmasq config option
+ // states to run as a different user/group (e.g. "nobody")
+ if(ent_pw != NULL && getuid() == 0)
+ {
+ if(chown(FTLfiles.log, ent_pw->pw_uid, ent_pw->pw_gid) == -1)
+ logg("Setting ownership (%i:%i) of %s failed: %s (%i)", ent_pw->pw_uid, ent_pw->pw_gid, FTLfiles.log, strerror(errno), errno);
+ if(database && chown(FTLfiles.db, ent_pw->pw_uid, ent_pw->pw_gid) == -1)
+ logg("Setting ownership (%i:%i) of %s failed: %s (%i)", ent_pw->pw_uid, ent_pw->pw_gid, FTLfiles.db, strerror(errno), errno);
+ }
 }
 // int cache_inserted, cache_live_freed are defined in dnsmasq/cache.c
diff --git a/dnsmasq_interface.h b/dnsmasq_interface.h
index a2c4c3bf4..ea08b5229 100644
--- a/dnsmasq_interface.h
+++ b/dnsmasq_interface.h
@@ -16,7 +16,7 @@ void FTL_reply(unsigned short flags, char *name, struct all_addr *addr, int id);
 void FTL_cache(unsigned int flags, char *name, struct all_addr *addr, char * arg, int id);
 void FTL_dnssec(int status, int id);
 void FTL_dnsmasq_reload(void);
-void FTL_fork_and_bind_sockets(void);
+void FTL_fork_and_bind_sockets(struct passwd *ent_pw);
 void FTL_header_ADbit(unsigned char header4, int id);
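Review bot: The two `chown()` calls added at the end of `FTL_fork_and_bind_sockets` run as root on a path name and follow symlinks. If the directory holding `FTLfiles.log` or `FTLfiles.db` is writable by the unprivileged account (not visible in this diff), a link left at either path redirects the ownership change to whatever file it points at. Opening each file with `O_NOFOLLOW`, confirming `S_ISREG` through `fstat()` and calling `fchown()` on the descriptor closes that gap; a sketch follows. `uid_t`/`gid_t` are also printed with `%i`, so the sketch casts them to `unsigned int` and uses `%u`. The function's signature is in the previous hunk and its middle lies outside this diff.

```c
// Change ownership through a descriptor so a symlink at path is never followed
static void chown_regular_file(const char *path, const struct passwd *ent_pw)
{
	struct stat st;
	const int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
	if(fd == -1)
	{
		logg("Opening %s to set ownership failed: %s (%i)", path, strerror(errno), errno);
		return;
	}
	if(fstat(fd, &st) == -1 || !S_ISREG(st.st_mode))
		logg("Not changing ownership of %s: not a regular file", path);
	else if(fchown(fd, ent_pw->pw_uid, ent_pw->pw_gid) == -1)
		logg("Setting ownership (%u:%u) of %s failed: %s (%i)",
		     (unsigned int)ent_pw->pw_uid, (unsigned int)ent_pw->pw_gid,
		     path, strerror(errno), errno);
	close(fd);
}

// … unchanged: daemonizing, socket binding and thread creation in FTL_fork_and_bind_sockets …
	if(ent_pw != NULL && getuid() == 0)
	{
		chown_regular_file(FTLfiles.log, ent_pw);
		if(database)
			chown_regular_file(FTLfiles.db, ent_pw);
	}
```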