httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Scott Lamb <sl...@slamb.org>
Subject Re: Does Apache2 Drop Priviledges Fully? [Newbie Question]
Date Thu, 15 Aug 2002 16:57:40 GMT
John McCreight wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Greetings all,
> I'm just writing to the list today to sate my curious mind, which noticed one 
> key difference in the Apache 2.0.40 server I set up and my old SuSE 7.3 box.  
> With the new apache running along with php-4.3.0dev, one of the apache 
> processes seems to never drop root.  I was curious as to if this was normal 
> behavior, or something I might have done, or a bug of some kind.

It's normal behavior. Only root can bind to port 80. It's necessary to 
keep around a process capable of doing that for "apachectl graceful" and 
such to work properly.

> It appears that all is mostly right....however when I load a php info page, 
> it shows the USER var as being set to root.

That should be just the environment as it was when you invoked httpd. 
Try doing a:

     # USER=bob apachectl start

I think PHP will see bob instead. The USER variable isn't really tied to 
your privileges; it's something set by the shell.

-- 
Scott Lamb


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message