Working as root while Apache is running; how much a risk?
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Fri Jul 9 18:52:15 UTC 2004
Am Fr, den 09.07.2004 schrieb Michael Sullivan um 20:41:
> When I issue a "ps -ef | grep httpd" I get:
>
> [root at bullet root]# ps -ef | grep httpd
> root 1938 1 0 13:06 ? 00:00:03 /usr/sbin/httpd
> apache 2063 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2064 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2065 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2066 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2067 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2068 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2069 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> apache 2070 1938 0 13:06 ? 00:00:00 /usr/sbin/httpd
> root 2419 2367 0 13:36 pts/1 00:00:00 grep httpd
>
> How do I fix this? I've tried doing "su apache", but it tells me that
> the account is not available....
What do you want to fix?! There is nothing to fix! Didn't you understand
what all the others already explained you about the master process -
running as user root - and the forked worker processes - running as
unprivileged user apache - which do the real communication with clients.
You can't su to user apache, because has no login shell:
apache:x:48:48:Apache:/var/www:/sbin/nologin
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435.2.3
Serendipity 20:49:19 up 2 days, 2:57, load average: 0.27, 0.37, 0.39
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040709/2d2a24ee/attachment-0002.bin
More information about the users
mailing list