Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
11-27-2005, 08:28 PM
#1
Member
Registered: Apr 2005
Location: Ohio
Distribution: Slackware && freeBSD
Posts: 676
who should httpd run as
Hello,
Just ran top and noticed that I have httpd running as root as well as www.
Code:
last pid: 637; load averages: 0.00, 0.00, 0.00 up 0+00:22:56 10:24:21
36 processes: 1 running, 35 sleeping
CPU states: 1.2% user, 0.0% nice, 0.0% system, 0.0% interrupt, 98.8% idle
Mem: 78M Active, 11M Inact, 30M Wired, 24M Buf, 123M Free
Swap: 512M Total, 512M Free
PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND
495 root -58 0 50176K 49396K bpf 0:04 0.00% 0.00% snort
494 mysql 20 0 56632K 26560K kserel 0:03 0.00% 0.00% mysqld
621 root 96 0 2316K 1584K RUN 0:01 0.00% 0.00% top
435 root 96 0 15116K 9832K select 0:01 0.00% 0.00% httpd
614 lord_fu 96 0 6116K 2952K select 0:00 0.00% 0.00% sshd
170 root 8 0 1780K 1396K nanslp 0:00 0.00% 0.00% ipmon
276 root 96 0 1328K 896K select 0:00 0.00% 0.00% syslogd
611 root 4 0 6140K 2892K sbwait 0:00 0.00% 0.00% sshd
618 root 20 0 2296K 1796K pause 0:00 0.00% 0.00% csh
617 lord_fu 8 0 1608K 1284K wait 0:00 0.00% 0.00% su
460 mysql 8 0 1660K 1196K wait 0:00 0.00% 0.00% sh
615 lord_fu 8 0 1692K 1284K wait 0:00 0.00% 0.00% sh
413 root 8 0 1364K 1052K nanslp 0:00 0.00% 0.00% cron
550 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
551 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
556 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
554 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
557 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
552 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
555 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
553 root 5 0 1288K 952K ttyin 0:00 0.00% 0.00% getty
392 root 96 0 3384K 2544K select 0:00 0.00% 0.00% sshd
504 root 4 0 1360K 828K accept 0:00 0.00% 0.00% vsftpd
455 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd
454 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd
456 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd
458 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd
457 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd
520 root 116 0 1240K 744K select 0:00 0.00% 0.00% moused
258 root 116 0 516K 356K select 0:00 0.00% 0.00% devd
192 root 20 0 1192K 648K pause 0:00 0.00% 0.00% adjkerntz
I have never noticed that before, is that bad? I thought httpd runs as www.
Slightly off topic, whom should the files in my www dir be owned by?
Thank you for any help offered.
freeBSD 5.4
default kernel
apache-1.3.34
Last edited by lord-fu; 11-27-2005 at 08:31 PM.

11-27-2005, 08:54 PM
#2
Senior Member
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,290
Apache must be started as root since only root can bind to a port lower than 1024. The individual listening processes run as the nonprivileged www user though, as you see. As for the ownership of the files in the Web directory, that's mostly your call. I set them to be owned by whoever will need to edit them most frequently. One thing I do though is to not make them writeable by the www user, so they can't be modified by the web server itself (of course the www user must be able to read them).
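
A way to check both points from the answer above, added here as an example and not part of the thread: the first function confirms that only the parent httpd runs as root, the second lists DocumentRoot paths the web server account could modify. The function names and the script name audit.sh are made up for illustration; www is the account shown in the question's output, and its group is assumed to have the same name unless given.

```shell
#!/bin/sh
# Added example, not from the thread: audit the two points in the answer above.

# httpd_owner_check: read top(1) lines on stdin (USERNAME is field 2, COMMAND
# is the last field), print "root=<n> other=<n>" for httpd processes, and
# succeed only for the expected layout: one root parent, unprivileged workers.
httpd_owner_check() {
    awk '$NF == "httpd" { if ($2 == "root") r++; else o++ }
         END { printf "root=%d other=%d\n", r, o; exit !(r == 1 && o > 0) }'
}

# webuser_writable DOCROOT USER [GROUP]: list paths under DOCROOT that the web
# server account could modify: owned by it and owner-writable, group-writable
# by its group, or world-writable. Writable directories are listed too, since
# they allow files inside them to be replaced. USER/GROUP may be names or IDs;
# GROUP defaults to the USER value (assumption: same-named group, as with www).
webuser_writable() {
    docroot=$1 user=$2 group=${3:-$2}
    find "$docroot" ! -type l \( \
        \( -user "$user" -perm -200 \) -o \
        \( -group "$group" -perm -020 \) -o \
        -perm -002 \) -print
}

# Lines copied from the top output in the question (a subset, plus one sshd line).
SAMPLE_TOP='435 root 96 0 15116K 9832K select 0:01 0.00% 0.00% httpd
392 root 96 0 3384K 2544K select 0:00 0.00% 0.00% sshd
455 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd
454 www 4 0 15144K 9860K accept 0:00 0.00% 0.00% httpd'

printf '%s\n' "$SAMPLE_TOP" | httpd_owner_check

# Optional: sh audit.sh /path/to/docroot www [group]
if [ "$#" -ge 2 ]; then
    webuser_writable "$@"
fi
```

An empty listing from `webuser_writable` means the web server account can read but not change anything under the directory, which is the state the answer describes.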

11-27-2005, 09:00 PM
#3
Member
Registered: Apr 2005
Location: Ohio
Distribution: Slackware && freeBSD
Posts: 676
Original Poster
Awesome, thank you for clearing that up for me.

11-27-2005, 10:14 PM
#4
Member
Registered: Nov 2003
Distribution: SUSE
Posts: 31
Starting apache w/o root privileges
Quote:
Originally posted by btmiller
Apache must be started as root since only root can bind to a port lower than 1024. The individual listening processes run as the nonprivileged www user though, as you see. As for the ownership of the files in the Web directory, that's mostly your call. I set them to be owned by whoever will need to edit them most frequently. One thing I do though is to not make them writeable by the www user, so they can't be modified by the web server itself (of course the www user must be able to read them).
A little trick I came up with to avoid having to be root to start httpd: Have httpd listen on some high port (like 6666), then set up firewall rules to redirect all incoming traffic on 80 to 6666 and all outbound traffic on 6666 to 80. The fewer root processes you have running the better, right?
BTW - Good idea to take away apache's write access to the DocumentRoot! I'll go implement that now...