From owner-freebsd-security Fri Feb 2 9:54:15 2001 Delivered-To: freebsd-security@freebsd.org Received: from faith.cs.utah.edu (faith.cs.utah.edu [155.99.198.108]) by hub.freebsd.org (Postfix) with ESMTP id 0B78137B65D for ; Fri, 2 Feb 2001 09:53:55 -0800 (PST) Received: (from danderse@localhost) by faith.cs.utah.edu (8.9.3/8.9.3) id KAA24081; Fri, 2 Feb 2001 10:53:46 -0700 (MST) Message-Id: <200102021753.KAA24081@faith.cs.utah.edu> Subject: Re: Apache uid/gid To: mh@neonsky.net (Richard Ward) Date: Fri, 2 Feb 2001 10:53:46 -0700 (MST) Cc: freebsd-security@FreeBSD.ORG In-Reply-To: <001101c08d40$c6159360$0101a8c0@pavilion> from "Richard Ward" at Feb 02, 2001 12:50:21 PM From: "David G. Andersen" X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The process running as root is the master process. Don't kill it, don't step on it, it's doing what you want. It doesn't handle requests; the non-root children do. You're right, btw - this has nothing to do with FreeBSD security. :) -Dave Lo and behold, Richard Ward once said: > > I'm not too sure this has anything to do with actual FreeBSD security, though it has been on my mind for some time. I'm running Apache 1.3.12 and it's binding to user and group id "nobody". When I start apache with apachctl, it spawns the amount of daemons listed in httpd.conf, though one of those spawns are running as root. I can kill the process running as root and all is well. > > My question is: Is this a threat? Having this mystery process that's not binding to the correct uid/gid specified, does it defeat the whole purpose of binding Apache to it's own user/group? > > Thanks. > -- > Richard Ward, CEO > richard@neonsky.net > Neonsky Internet Services > -- work: dga@lcs.mit.edu me: dga@pobox.com MIT Laboratory for Computer Science http://www.angio.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message