You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by John McCreight <da...@dalrain.net> on 2002/08/15 17:55:48 UTC
Does Apache2 Drop Priviledges Fully? [Newbie Question]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings all,
I'm just writing to the list today to sate my curious mind, which noticed one
key difference in the Apache 2.0.40 server I set up and my old SuSE 7.3 box.
With the new apache running along with php-4.3.0dev, one of the apache
processes seems to never drop root. I was curious as to if this was normal
behavior, or something I might have done, or a bug of some kind. The output
snipped from ps auxw shows me this....
root 10204 23.4 0.8 8084 4144 ? S 15:51 0:00
/usr/local/apache2/bin/httpd -k start
www 22229 0.1 0.8 8108 4180 ? S 15:51 0:00
/usr/local/apache2/bin/httpd -k start
www 10040 0.0 0.8 8108 4180 ? S 15:51 0:00
/usr/local/apache2/bin/httpd -k start
www 2648 0.0 0.8 8108 4180 ? S 15:51 0:00
/usr/local/apache2/bin/httpd -k start
www 23628 0.1 0.8 8108 4180 ? S 15:51 0:00
/usr/local/apache2/bin/httpd -k start
www 27304 0.0 0.8 8108 4180 ? S 15:51 0:00
/usr/local/apache2/bin/httpd -k start
It appears that all is mostly right....however when I load a php info page,
it shows the USER var as being set to root. Well, I'm no rocket scientist,
but PHP running as root isn't neccesarily something I consider to be a great
thing. Is there a reason the priviledges aren't being fully dropped, (as my
old SuSE box with 1.3.x does) or is apache 2 just that way? I tried to look
up the info, but I didn't see it in the FAQ or in the recent listing of mails
from this list. Thank you for reading, and any help or ideas are appriciated.
Regards,
- -John
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9W88IoRGY3WMaubQRAuIvAKDc8GfxQIoX2ObvLZJIHhsHzz5lXgCffBnr
Vwzfw7ugrTPW8HJw/Oa6Sss=
=qyMG
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org