Date: Sun, 30 Dec 2001 21:12:28 -0500 From: dave@hawk-systems.com (Dave) To: <freebsd-questions@FreeBSD.ORG> Subject: RE: Getting Apache to run as user www only Message-ID: <DBEIKNMKGOBGNDHAAKGNEEMGLCAA.dave@hawk-systems.com> In-Reply-To: <1009759250.60bc5ff9tdrake@myrealbox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
root is required for binding and spawning... though the instances are run as the www user, that with some sensible security constraints locks apache up pretty good against breaches. Is there a specific security concern that needs to be addressed? Dave >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Troy >Sent: Sunday, December 30, 2001 7:41 PM >To: freebsd-questions@FreeBSD.ORG >Subject: Getting Apache to run as user www only > > >Hi all, >I've been running Apache for quite a while, but I'm trying to secure >my system and keep as many things from running as root as possible. I >have the Apache config set to the default www as the user to run >under, but the initial httpd process runs as root. Is there a way to >get all the httpd processes to run as www? > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DBEIKNMKGOBGNDHAAKGNEEMGLCAA.dave>