Re: Is my Apache server running as the root user or not?

From: Peter C. Lai (sirmoo_at_cowbert.net)
Date: 12/04/04

  • Next message: csnyder: "Re: Is my Apache server running as the root user or not?" 
    Date: Sat, 4 Dec 2004 04:47:49 -0500
To: Jesper Wallin <jesper@hackunite.net>

    This isn't on-topic for the list, but I'll answer it anyway. The Apache
    parent runs as root so that it can attach to port 80. After a packet reaches
    port 80, Apache will hand it off to a child process running as www. The
    parent process also does other housekeeping duties as you would expect from
    any other parent process.

    On Sat, Dec 04, 2004 at 07:24:27AM +0100, Jesper Wallin wrote:
    > Heya..
    >
    > By reading my /usr/local/etc/apache2/httpd.conf, I can find out that my Apache is
    > running as the user "www" and the group "www" .. Yet, when I run sockstat, it tells me
    > one of the forks are runned as root and listening on port 80 as well as the other forks
    > are runned by www:www.. If I got a lot of users connecting to my server on port 80, will
    > thier requests ever be answered by the root fork or the www:www forks?
    >
    > --- snip ---
    > [root@ninja:~]# sockstat -l4p80
    > USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS www httpd
    > 18149 3 tcp4 *:80 *:*
    > www httpd 18148 3 tcp4 *:80 *:*
    > www httpd 18147 3 tcp4 *:80 *:*
    > www httpd 14055 3 tcp4 *:80 *:*
    > www httpd 14054 3 tcp4 *:80 *:*
    > www httpd 14053 3 tcp4 *:80 *:*
    > www httpd 14052 3 tcp4 *:80 *:*
    > www httpd 14051 3 tcp4 *:80 *:*
    > root httpd 14050 3 tcp4 *:80 *:*
    > [root@ninja:~]#
    > --- snip ---
    >
    >
    > Best regards,
    > Jesper Wallin
    >
    >
    > _______________________________________________
    > freebsd-security@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-security
    > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" 

    -- 
Peter C. Lai
University of Connecticut
Dept. of Molecular and Cell Biology
Yale University School of Medicine
SenseLab | Research Assistant
http://cowbert.2y.net/
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
  • Next message: csnyder: "Re: Is my Apache server running as the root user or not?"

    Relevant Pages

    • Re: Is my Apache server running as the root user or not?
      ... parent runs as root so that it can attach to port 80. ... port 80, Apache will hand it off to a child process running as www. ... > one of the forks are runned as root and listening on port 80 as well as the other forks ...
      (FreeBSD-Security)
    • Re: Is my Apache server running as the root user or not?
      ... it tells me one of the forks are runned as root ... Process owned by root is the parent process. ... Since you need to be root be able to bind on port 80, ...
      (FreeBSD-Security)
    • Re: Is my Apache server running as the root user or not?
      ... Apache has to be started as root, because it needs to bind to port 80 ... But this process doesn't serve clients, ... > one of the forks are runned as root and listening on port 80 as well as the other forks ...
      (FreeBSD-Security)
    • Is my Apache server running as the root user or not?
      ... Yet, when I run sockstat, it tells me ... one of the forks are runned as root and listening on port 80 as well as the other forks ... If I got a lot of users connecting to my server on port 80, ...
      (FreeBSD-Security)
    • Re: Hardening a Solaris system.
      ... > I know files that execute with root permissions by normal users (e.g. ... > I've set up a web server, running Apache, so are thinking about what I ... thing to leave enabled in here might be a backup port. ... there are security steps here. ...
      (comp.unix.solaris)