httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <minf...@sharp.fm>
Subject Re: WebDAV and reading / writing files as system users
Date Fri, 30 Apr 2004 17:26:03 GMT
Joshua Slive wrote:

> If you really want apache to behave like samba, then I suppose you don't
> mind if apache runs as root.  Then it becomes rather more simple to do the
> sort of things you are interested in.  It also becomes rather more simple
> to compromise your box.

If I don't run Apache, then I would have to run Samba, which runs as 
root anyway, and therefore makes it far more simple to compromise my box 
anyway. I am swapping one evil for another, overall the situation is the 
same.

Keep in mind the application I am thinking about is not "webserver 
that's trying to be a fileserver", but rather a "fileserver that just 
happens to use the DAV protocol". I don't see the security risks of 
running Apache as root as being any different to running Samba as root.

Regards,
Graham
--


Mime
View raw message