Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
Re: [suse-security] httpd run as root
  • From: Eilert Brinkmann <eilert@xxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: 18 May 2000 08:40:43 +0200
  • Message-id: <xttk8gswec4.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
kei <csec@xxxxxxxxxxxxxxxxxx> wrote:
> In spite of the fact that I have apache set to chown to wwwrun, ps -aux
> still reports an httpd as owned by root. Actually, there are two httpd
> running and one is owned by root and the other is owned by httpd. In
> httpd.conf I have StartServers = 1. Why are there two deamons running?

In order to bind to a priviledged Port (80 < 1024) httpd must run as
root. To be able to do this again (e.g., after loading a new
configuration at runtime) the initial httpd process remains with root
priviledges. This process forks one (as in your case) or more server
processes which will handle incoming HTTP requests and change their
user ID to that one specified in the configuration file.

Eilert
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Eilert Brinkmann -- Universitaet Bremen -- FB 3, Informatik
eilert@xxxxxxxxxxxxxxxxxxxxxxxx - eilert@xxxxxxx - eilert@xxxxxxxxxxxxxx
http://www.informatik.uni-bremen.de/~eilert/

< Previous Next >
This Thread
References