Opening ErrorLog as root and overwriting any file on the system

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Opening ErrorLog as root and overwriting any file on the system
From: silviu andrica <silviu.andrica@xxxxxxxxx>
Date: Thu, 24 Nov 2011 16:53:59 +0100
Reply-to: users@xxxxxxxxxxxxxxxx

Hi,

I noticed that in Apache/2.2.20 (Ubuntu), the ErrorLog is opened as root, although the User is set to ${APACHE_RUN_USER}.
My concern is that if I make a mistake in ErrorLog, then I can damage any file on my system because of a stupid copy-paste error.

I was wondering what is the reason Apache doesn't drop root privileges before opening the ErrorLog file (to make sure that the user Apache will end up running as can access and modify that file) and then get back the root privileges, for the remaining operations that need be done as root?

Thank you,
Silviu

Follow-Ups:
- Re: Opening ErrorLog as root and overwriting any file on the system
  - From: Tom Evans

Prev by Date: Re: apr_off_t mismatch
Next by Date: Re: Opening ErrorLog as root and overwriting any file on the system
Previous by thread: Directory Index not displaying
Next by thread: Re: Opening ErrorLog as root and overwriting any file on the system
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]