Re: Is it possible to install apache server with non-root user [wd-vc]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Nice solution, but only for Linux. Other UNIXen don't have setcap.

Kurt Bremser
AMOS Austria

Newton was wrong. There is no gravity. The Earth sucks.
________________________________________
Von: Mathijs Schmittmann [info@xxxxxxxxxxxx]
Gesendet: Donnerstag, 29. Oktober 2015 10:50
An: users@xxxxxxxxxxxxxxxx
Betreff: Re: AW:  Is it possible to install apache server with non-root user [wd-vc]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

It is possible to make the httpd bind to ports <1024:

https://wiki.apache.org/httpd/NonRootPortBinding

On 29/10/15 10:49, Bremser, Kurt (AMOS Austria GmbH) wrote:
> Since httpd requires root privilege to bind to port 80, it needs to
> be run by the superuser, so from a security POV it should NOT be
> installed by another userid. You also need root privilege on many
> UNIXen to run the child processes under a different userid, if such
> is specified in the User directive of the configuration file.
>
> Kurt Bremser AMOS Austria
>
> Newton was wrong. There is no gravity. The Earth sucks.
> ----------------------------------------------------------------------
- --
>
>
*Von:* VELIDANDI, RAMAKRISHNA [RAMAKRISHNA.VELIDANDI@xxxxxxxxxxxx]
> *Gesendet:* Donnerstag, 29. Oktober 2015 09:55 *An:*
> users@xxxxxxxxxxxxxxxx *Betreff:*  Is it possible to
> install apache server with non-root user [wd-vc]
>
> Hi Team,
>
>
>
> Is it possible to install apache server with non-root user ?
>
> If yes, What are the groups required for non-root user ?
>
>
>
> Please share the info in  detail.
>
>
>
>
>
> *Thanks & Regards* *Ram* SAP BASIS - IBM GBS 5th Floor, Tower A,
> Prestige Shantiniketan, The Business Precinct,
>
> Whitefield Main Road, Bangalore - 560048, India.
>
> Off: 080 49281569
>
>
>
>
AMOS Austria GmbH 
1130 Wien, Hietzinger Kai 101-105 
FN 365014k, Handelsgericht Wien 
UID: ATU 66614737 

http://www.allianz.at 

******************************************************** 
Dieses E-Mail und allfaellig daran angeschlossene Anhaenge 
enthalten Informationen, die vertraulich und 
ausschliesslich fuer den (die) bezeichneten Adressaten 
bestimmt sind. 
Wenn Sie nicht der genannte Adressat sind, darf dieses 
E-Mail samt allfaelliger Anhaenge von Ihnen weder anderen 
Personen zugaenglich gemacht noch in anderer Weise 
verwertet werden.
Wenn Sie nicht der beabsichtigte Empfaenger sind, bitten
wir Sie, dieses E-Mail und saemtliche angeschlossene
Anhaenge zu loeschen. 

Please note: This email and any files transmitted with it is 
intended only for the named recipients and may contain 
confidential and/or privileged information. If you are not the 
intended recipient, please do not read, copy, use or disclose 
the contents of this communication to others and notify the 
sender immediately. Then please delete the email and any 
copies of it. Thank you.
********************************************************

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux