httpd-users mailing list archives

From Garth Winter Webb <ga...@perijove.com>
Subject Re: [users@httpd] fopen of log files
Date Fri, 11 Feb 2005 15:45:01 GMT
On Fri, 2005-02-11 at 05:19, alex@squigly.net wrote:
> User nobody
> Group nogroup
> 
> 1. Apache needs to be launched as root in order to bind to a port lower than
> 1024 - this is a basic security feature of all UNIX implementations.
> 
> ----- fair enough
> 
> 2. Immediately after "grabbing" the port, Apache changes its effective user ID
> to something else, typically as user "nobody." This is for security reasons -
> running your Web servers as root means that any hole in the server (be it
> through the server itself, or through a CGI script, which is much more likely)
> could be exploited by an outside user to run a command on your machine.
> 
> ----- so given this, should the logging not then be conducted not by root, but
> by the user/group defined?

Logging is done by the user/group, the file is just provisioned by root
at startup.  The only time you have root in operation is at server
startup.  Anything a malicious user could compromise would be to a
process running as your user/group.

If you are afraid of Apache doing something bad at startup at the hands
of root, it would be a lot easier for someone who has compromised root
to do something bad without the use of Apache.

-- 
Garth Winter Webb <garth@perijove.com>
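The open-as-root-then-drop sequence described above, as an added C example (not code from this thread or from httpd itself): the log is opened while still privileged, the process drops to a target uid/gid, and the inherited descriptor keeps working while the root-owned 0640 file can no longer be reopened by the worker. The path /tmp/privdrop-demo.log and the use of "nobody" as the unprivileged identity are constructed for the demo.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Constructed demo path; a real server would use its ErrorLog/CustomLog path. */
static const char *DEMO_LOG = "/tmp/privdrop-demo.log";

/* Step 1: while still root, open the log append-only, creating it 0640. */
int open_log_privileged(const char *path) {
    return open(path, O_WRONLY | O_APPEND | O_CREAT, 0640);
}

/* Step 2: drop to the configured User/Group. Order matters: supplementary
 * groups first, then gid, then uid, because after setuid() the process can
 * no longer change its groups. Returns 0 on success, -1 on any failure. */
int drop_privileges(uid_t uid, gid_t gid) {
    if (geteuid() == 0 && setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    if (getuid() != uid || geteuid() != uid) return -1;
    if (uid != 0 && setuid(0) == 0) return -1; /* the drop must be irreversible */
    return 0;
}

/* Step 3: logging continues through the descriptor obtained as root. */
int write_log_line(int fd, const char *line) {
    ssize_t n = write(fd, line, strlen(line));
    return (n == (ssize_t)strlen(line)) ? 0 : -1;
}

/* Full sequence. Returns 0 if every step behaved as the thread describes. */
int run_demo(uid_t uid, gid_t gid) {
    uid_t before = geteuid();
    unlink(DEMO_LOG);                      /* still privileged here */
    int fd = open_log_privileged(DEMO_LOG);
    if (fd < 0) return -1;
    if (drop_privileges(uid, gid) != 0) return -2;
    if (write_log_line(fd, "request logged by unprivileged worker\n") != 0) return -3;
    /* Once the identity really changed, the worker cannot reopen the
     * root-owned file; only the inherited descriptor still works. */
    if (uid != before && open(DEMO_LOG, O_WRONLY) >= 0) return -4;
    close(fd);
    return 0;
}

int main(void) {
    uid_t uid = getuid(); gid_t gid = getgid();
    struct passwd *pw = geteuid() == 0 ? getpwnam("nobody") : NULL;
    if (pw) { uid = pw->pw_uid; gid = pw->pw_gid; }   /* only root can switch */
    int rc = run_demo(uid, gid);
    printf("demo %s (rc=%d)\n", rc == 0 ? "ok" : "failed", rc);
    return rc != 0;
}
```

Run it as root to see the reopen fail after the switch to nobody; as an ordinary user the drop is a no-op in identity terms and only the retained-descriptor path is exercised.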

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

