Well, for one since certain capabilities (privileges) are bound to the "root" user, like being able to bind to ports below 1024. In your example, to be able to bind to port 80/TCP httpd has to be started as root. After the socket is set up and the socket bound to port 80/TCP, httpd will fork off "worker" threads to handle incoming connetcions etc etc.
Try running "ps" again, for instance as "/bin/ps ax -eo uid,euid,gid,egid,pid,args f". Showing output in "forest mode" prefixed with (e)uid/gid stuff. You should see the "main" httpd thread running as uid/gid root and the "worker" threads as the apache uid/gid.
The "main" thread doesn't interface with the network or users but instead delegates worker threads to do fulfill those tasks.
|