diff --git a/pkg/httputil/auth.go b/pkg/httputil/auth.go
index c9f84988f..32707616a 100644
--- a/pkg/httputil/auth.go
+++ b/pkg/httputil/auth.go
@@ -63,7 +63,13 @@ func IsLocalhost(req *http.Request) bool {
 if uid > 0 {
 connUid, err := netutil.AddrPairUserid(from, to)
 if err == nil {
- if uid == connUid {
+ if uid == connUid || connUid == 0 {
+ // If it's the same user who's running the server, allow it.
+ // Also allow root, so users can "sudo camput" files.
+ // Allowing root isn't a security problem because if root wants
+ // to mess with the local user, they already can. This whole mechanism
+ // is about protecting regular users from other regular users
+ // on shared computers.
 return true
 }
 log.Printf("auth: local connection uid %d doesn't match server uid %d", connUid, uid)
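Review bot: The new `connUid == 0` branch treats 0 as "root", but 0 is also the zero value of an integer, so the check is only safe if `netutil.AddrPairUserid` never returns `(0, nil)` when it failed to find the connection's owner. That helper is outside this hunk, so this should be confirmed and pinned with a test before relying on it; a not-found result should come back as a non-nil error or a negative uid. I would also record the assumption above the condition, for example `// connUid == 0 means root; AddrPairUserid must return an error, never (0, nil), when the owner is unknown`. Because this path now grants access to a uid other than the server's own, a separate log line for the root case would keep it visible in audit logs. The body of IsLocalhost starts and ends outside the hunk.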