Date: Fri, 2 Feb 2001 12:50:21 -0500 From: "Richard Ward" <mh@neonsky.net> To: <freebsd-security@FreeBSD.ORG> Subject: Apache uid/gid Message-ID: <001101c08d40$c6159360$0101a8c0@pavilion>
next in thread | raw e-mail | index | archive | help
I'm not too sure this has anything to do with actual FreeBSD security, though it has been on my mind for some time. I'm running Apache 1.3.12 and it's binding to user and group id "nobody". When I start apache with apachctl, it spawns the amount of daemons listed in httpd.conf, though one of those spawns are running as root. I can kill the process running as root and all is well. My question is: Is this a threat? Having this mystery process that's not binding to the correct uid/gid specified, does it defeat the whole purpose of binding Apache to it's own user/group? Thanks. -- Richard Ward, CEO richard@neonsky.net Neonsky Internet Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001101c08d40$c6159360$0101a8c0>