You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Bruce MacDonald <Br...@bcaa.bc.ca> on 2002/04/05 06:43:57 UTC
1.3.19 on Solaris7: httpd process owner -- 2 as root?
Hi all,
I'm new to Apache, but have done a fair bit of digging and am puzzled as to
the following:
This is actually Oracle 9iAS 1.0.2.2.2 on Solaris7, which is Apache 1.3.19.
I'm running apachectl as root, and have httpd.conf set with "user = Apache"
and "group = Apache", where the Apache user is modelled after "nobody".
>From everything I've read, I should see the initial httpd process owned by
root and then the server processes owned by Apache. In fact what I get is
the initial "root" process, then an "Apache" process ("root" httpd pid + 1),
then *another* root httpd process ("root" httpd pid + 2), and then however
many more "Apache" httpd processes.
I haven't seen anything to indicate that this should happen. Why would
there be *two* httpd processes owned by root? Is this a security hole if I
put the server into the world this way?
Thanks very much for your insight.
Bruce MacDonald
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: 1.3.19 on Solaris7: httpd process owner -- 2 as root?
Posted by Joshua Slive <jo...@slive.ca>.
On Thu, 4 Apr 2002, Bruce MacDonald wrote:
> From everything I've read, I should see the initial httpd process owned by
> root and then the server processes owned by Apache. In fact what I get is
> the initial "root" process, then an "Apache" process ("root" httpd pid + 1),
> then *another* root httpd process ("root" httpd pid + 2), and then however
> many more "Apache" httpd processes.
>
> I haven't seen anything to indicate that this should happen. Why would
> there be *two* httpd processes owned by root? Is this a security hole if I
> put the server into the world this way?
It depends on your configuration. Various types of supporting programs
may be launched during the initial configuration phase as root. For
example, piped log programs and RewriteMap programs both get to
be root.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org