httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph S D Yao <>
Subject Re: [users@httpd] How to start Apache automatically with certificate?
Date Fri, 29 Aug 2008 05:39:06 GMT
On Thu, Aug 28, 2008 at 05:42:59PM -0400, Eric Covener wrote:
> root-owned private key sure sounds wiser to me.

Tell me three good reasons why.  Bad ones don't count.

There is nothing special about a file that is owned by root vs. another
UID.  There is a PROBLEM, that you must be root to do anything with that

If 'httpd' is run as user "apache", as it should be on any
well-regulated system, then a file that is readable only by root will
not be usable by it.  It will be USELESS.

> There are lots of files you don't want to be owned, or modifiable, by
> non-root users.  This is a good thing.

By non-root USERS, yes, absolutely.  Who said anything about users?  I'm
talking about a SYSTEM account.

Again, there is ABSOLUTELY NOTHING SPECIAL about a file that is owned by
root, except that to do anything with it, you have to have super-user
powers, which YOU SHOULD NEVER DO!  They are DANGEROUS.

** Joe Yao - Joseph S. D. Yao

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message