Sender: owner-freebsd-security@FreeBSD.ORG
Message-ID: <002701c08d41$810430a0$0101a8c0@pavilion>
From: "Richard Ward"
To: "David G. Andersen"
References: <200102021753.KAA24081@faith.cs.utah.edu>
Subject: Re: Apache uid/gid
Date: Fri, 2 Feb 2001 12:56:42 -0500

It doesn't handle requests? That's something I didn't know. Thanks for shedding light on this, and sorry to those who are also saying "This has nothing to do with FreeBSD security".

--
Richard Ward, CEO
richard@neonsky.net
Neonsky Internet Services

----- Original Message -----
From: David G. Andersen
To: Richard Ward
Sent: Friday, February 02, 2001 12:53 PM
Subject: Re: Apache uid/gid

> The process running as root is the master process. Don't kill it,
> don't step on it, it's doing what you want. It doesn't handle
> requests; the non-root children do.
>
> You're right, btw - this has nothing to do with FreeBSD security. :)
>
> -Dave
>
> Lo and behold, Richard Ward once said:
> >
> > I'm not too sure this has anything to do with actual FreeBSD security, though it has been on my mind for some time. I'm running Apache 1.3.12 and it's binding to user and group id "nobody". When I start apache with apachectl, it spawns the amount of daemons listed in httpd.conf, though one of those spawns is running as root. I can kill the process running as root and all is well.
> >
> > My question is: Is this a threat? Having this mystery process that's not binding to the correct uid/gid specified, does it defeat the whole purpose of binding Apache to its own user/group?
> >
> > Thanks.
> > --
> > Richard Ward, CEO
> > richard@neonsky.net
> > Neonsky Internet Services
> >
>
>
> --
> work: dga@lcs.mit.edu me: dga@pobox.com
> MIT Laboratory for Computer Science http://www.angio.net/
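
Added example, not part of the original thread: a check that the process layout described above holds, i.e. the only root-owned httpd is the parent and every request-handling child runs unprivileged. It assumes the daemon's command name is "httpd" and reads `ps -axo user,pid,ppid,comm` output; the function name and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample, shaped like `ps -axo user,pid,ppid,comm` output:
# one root parent (pid 312) with three children running as "nobody".
SAMPLE_PS='USER     PID  PPID COMMAND
root     312     1 httpd
nobody   313   312 httpd
nobody   314   312 httpd
root     401     1 sshd
nobody   315   312 httpd'

# Constructed sample of the unwanted case: a child that still runs as root.
SAMPLE_BAD='USER     PID  PPID COMMAND
root     312     1 httpd
nobody   313   312 httpd
root     314   312 httpd'

# check_httpd_privs [name]: read ps output on stdin, print one line per
# matching process, and return non-zero if any child runs as root.
# Live use: ps -axo user,pid,ppid,comm | check_httpd_privs
check_httpd_privs() {
    awk -v name="${1:-httpd}" '
        $2 == "PID" { next }                  # skip the ps header line
        $4 == name  { user[$2] = $1; ppid[$2] = $3; order[++n] = $2 }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                pid = order[i]
                if (!(ppid[pid] in user)) {
                    # Parent is not an httpd process: this is the master.
                    role = "master"
                    verdict = "ok (parent, does not serve requests)"
                } else if (user[pid] == "root") {
                    # A child of the master handles requests; root here is wrong.
                    role = "child"
                    verdict = "ALERT: serves requests as root"
                    bad = 1
                } else {
                    role = "child"
                    verdict = "ok"
                }
                printf "%s pid=%s user=%s %s\n", role, pid, user[pid], verdict
            }
            exit bad
        }'
}
```
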