You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by John McCreight <da...@dalrain.net> on 2002/08/15 17:55:48 UTC

Does Apache2 Drop Priviledges Fully? [Newbie Question]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings all,
I'm just writing to the list today to sate my curious mind, which noticed one 
key difference in the Apache 2.0.40 server I set up and my old SuSE 7.3 box.  
With the new apache running along with php-4.3.0dev, one of the apache 
processes seems to never drop root.  I was curious as to if this was normal 
behavior, or something I might have done, or a bug of some kind.  The output 
snipped from ps auxw shows me this....

root     10204 23.4  0.8  8084 4144 ?        S    15:51   0:00 
/usr/local/apache2/bin/httpd -k start
www      22229  0.1  0.8  8108 4180 ?        S    15:51   0:00 
/usr/local/apache2/bin/httpd -k start
www      10040  0.0  0.8  8108 4180 ?        S    15:51   0:00 
/usr/local/apache2/bin/httpd -k start
www       2648  0.0  0.8  8108 4180 ?        S    15:51   0:00 
/usr/local/apache2/bin/httpd -k start
www      23628  0.1  0.8  8108 4180 ?        S    15:51   0:00 
/usr/local/apache2/bin/httpd -k start
www      27304  0.0  0.8  8108 4180 ?        S    15:51   0:00 
/usr/local/apache2/bin/httpd -k start

It appears that all is mostly right....however when I load a php info page, 
it shows the USER var as being set to root.  Well, I'm no rocket scientist, 
but PHP running as root isn't neccesarily something I consider to be a great 
thing.  Is there a reason the priviledges aren't being fully dropped, (as my 
old SuSE box with 1.3.x does) or is apache 2 just that way?  I tried to look 
up the info, but I didn't see it in the FAQ or in the recent listing of mails 
from this list.  Thank you for reading, and any help or ideas are appriciated.

Regards,
- -John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9W88IoRGY3WMaubQRAuIvAKDc8GfxQIoX2ObvLZJIHhsHzz5lXgCffBnr
Vwzfw7ugrTPW8HJw/Oa6Sss=
=qyMG
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org