On Fri, Aug 29, 2008 at 08:05, Joseph S D Yao <jsdy@xxxxxxx> wrote: > Even if 'httpd' is still running as root when reading the cert, and so > able to use it, it is still a bad idea to have it OWNED by root - you > still have to have super-user powers to maintain it. Bad, bad, bad, > bad, bad. You need super user powers to maintain a webserver anyway. Doesn't mean you need to become root. You can use sudo. And putting in place a key is something you're not going to do often anyway. Krist -- krist.vanbesien@xxxxxxxxx krist@xxxxxxxxxxxxx Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx