[techtalk] Running Apache as Root
Seageraves Caren
cgreat2002 at yahoo.com
Wed Apr 11 07:52:43 EST 2001
Thank you for your answers. I think I was not clear
enough in my question. I not only start Apache as
root, but I run it in such as way that the little
httpd processes that are generally listed as belonging
to nobody are also running as root. This is an
unusual way to run Apache and requires that
"BIG_SECURITY_HOLE" be specified when I compile
Apache.
(http://dev.apache.org/apidoc/apidoc_BIG_SECURITY_HOLE.html)
Thank you for the suggestion to Disallow user created
.htaccess lists, we do have users on this server.
I am still curious if I would be safer if I moved the
part of the module that needs to be run as root to a
program that was external to Apache, but which
communicated with Apache via a pipe. Is the danger
having anything running as root on the server, or just
having the apache child processes running as root?
Caren
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
More information about the Techtalk
mailing list