Working as root while Apache is running; how much a risk?
Scot L. Harris
webid at cfl.rr.com
Fri Jul 9 03:05:10 UTC 2004
On Thu, 2004-07-08 at 22:56, Jorge Fábregas wrote:
> On Thursday 08 July 2004 8:16 pm, Alan Horn wrote:
>
> > You should never _RUN_ the webserver as root
>
> Hi,
>
> How then you make Apache listen to port 80 (a port below 1024) as another user
> other than root? ..since only root may use those ports below 1024.
>
> Jorge
Apache has options in the httpd.conf file that let you specify what user
apache should run as. I believe by default that user is apache. In the
past or on other OSes I believe they used the nobody user. The main
thing is to run it as an unprivileged user so if someone finds an
exploit they are limited to the privileges of a non root user.
--
Scot L. Harris
webid at cfl.rr.com
Doctors and lawyers must go to school for years and years, often with
little sleep and with great sacrifice to their first wives.
-- Roy G. Blount, Jr.
More information about the fedora-list
mailing list