diff --git a/sys_linux.c b/sys_linux.c
index 2f7fa9f..0b24445 100644
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -450,6 +450,10 @@ SYS_Linux_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_c
 clock_control ? "cap_sys_time=ep" : "") >= sizeof (cap_text))
 assert(0);
+ /* Helpers don't need any capabilities */
+ if (context != SYS_MAIN_PROCESS)
+ cap_text[0] = '\0';
+
 if ((cap = cap_from_text(cap_text)) == NULL) {
 LOG_FATAL("cap_from_text() failed");
 }
diff --git a/sys_macosx.c b/sys_macosx.c
index eb7297d..e3a38ed 100644
--- a/sys_macosx.c
+++ b/sys_macosx.c
@@ -417,7 +417,8 @@ SYS_MacOSX_SetScheduler(int SchedPriority)
 #ifdef FEAT_PRIVDROP
 void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
- PRV_StartHelper();
+ if (context == SYS_MAIN_PROCESS)
+ PRV_StartHelper();
 UTI_DropRoot(uid, gid);
 }
diff --git a/sys_netbsd.c b/sys_netbsd.c
index 350f569..36ffa18 100644
--- a/sys_netbsd.c
+++ b/sys_netbsd.c
@@ -139,7 +139,8 @@ SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 /* On NetBSD the helper is used only for socket binding, but on FreeBSD it's used also for setting and adjusting the system clock */
- PRV_StartHelper();
+ if (context == SYS_MAIN_PROCESS)
+ PRV_StartHelper();
 UTI_DropRoot(uid, gid);
diff --git a/sys_solaris.c b/sys_solaris.c
index 9585100..ba86c11 100644
--- a/sys_solaris.c
+++ b/sys_solaris.c
@@ -57,7 +57,8 @@ SYS_Solaris_Finalise(void)
 void SYS_Solaris_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
- PRV_StartHelper();
+ if (context == SYS_MAIN_PROCESS)
+ PRV_StartHelper();
 UTI_DropRoot(uid, gid);
 }
 #endif
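Review bot: In the sys_linux.c hunk of SYS_Linux_DropRoot, the helper case is handled by blanking `cap_text` after snprintf() has already formatted the main-process list, so the least-privilege result depends on cap_from_text() turning an empty string into an empty set, and the `clock_control` argument is silently ignored for helpers. The comment should spell that out, for example `/* Helpers don't need any capabilities: an empty string parses to an empty set, and clock_control is ignored */`. Requesting the empty set explicitly with `cap_init()` in the non-main branch would be easier to audit than relying on the parser, though the LOG_FATAL text would then have to cover both calls. The function starts and ends outside the hunk, so whether the earlier steps that preserve capabilities across the UID change are still wanted for helpers cannot be judged from here.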
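Review bot: The new `if (context == SYS_MAIN_PROCESS)` guard in SYS_MacOSX_DropRoot carries no comment saying why other contexts skip the privileged helper, and the same holds for the identical guards in SYS_NetBSD_DropRoot and SYS_Solaris_DropRoot, whereas the Linux hunk documents its case. A line such as `/* Only the main process uses the privileged helper; other contexts just drop root */` above each guard would do; in sys_netbsd.c the existing comment about what the helper is used for could be extended instead. It is also worth confirming that code running in a non-main context never reaches a PRV_ wrapper after UTI_DropRoot(), since without a helper such a call would presumably be attempted directly by the unprivileged process and fail. SYS_NetBSD_DropRoot continues past the end of its hunk, so any later privileged steps there are not visible.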