Hey, Since Apache, by default, listens on a port lower than 1024, it has to start the apache server as root. When the apache server starts, it drops root priviliges. Note all the "nobody" child processes. When there is a web request it is handed to a child process. On Mon, 17 Nov 2003, angico wrote: > hi, all. > i was wandering why the first process of apache runs as superuser, > while the others run as nobody, as shown in the excerpt of "ps -aux" > below. is it ok? doesn't it open any security breach? > > root 364 0.0 0.5 6312 656 ? S Nov16 0:00 > /usr/bin/httpd -f /etc/httpd/httpd.conf > nobody 373 0.0 0.5 6424 680 ? S Nov16 0:00 > /usr/bin/httpd -f /etc/httpd/httpd.conf > nobody 374 0.0 0.5 6576 696 ? S Nov16 0:00 > /usr/bin/httpd -f /etc/httpd/httpd.conf > nobody 375 0.0 0.5 6568 696 ? S Nov16 0:00 > /usr/bin/httpd -f /etc/httpd/httpd.conf > nobody 377 0.0 0.5 6568 676 ? S Nov16 0:00 > /usr/bin/httpd -f /etc/httpd/httpd.conf > nobody 378 0.0 0.5 6632 692 ? S Nov16 0:00 > /usr/bin/httpd -f /etc/httpd/httpd.conf > > thank you for any help, > angico. > > __________________________________ > Do you Yahoo!? > Protect your identity with Yahoo! Mail AddressGuard > http://antispam.yahoo.com/whatsnewfree > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx > with "unsubscribe" in the subject of the message. > -- duane while [ !sleep ] sheep++ ; // Articles and stuff http://www.sukkha.info ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
