Is my Apache server running as the root user or not?

Ondra Holecek bln at deprese.net
Sat Dec 4 01:10:03 PST 2004


Hi,

Apache has to be started as root, because it needs to bind to port 80 
(ie. <1024). But this process doesn't serve clients, it only forks and 
then the id of forked process is changed to www and then it can serve 
clients...

Jesper Wallin wrote:
> Heya..
> 
> By reading my /usr/local/etc/apache2/httpd.conf, I can find out that my Apache is
> running as the user "www" and the group "www" .. Yet, when I run sockstat, it tells me
> one of the forks are runned as root and listening on port 80 as well as the other forks
> are runned by www:www.. If I got a lot of users connecting to my server on port 80, will
> thier requests ever be answered by the root fork or the www:www forks?
> 
> --- snip ---
> [root at ninja:~]# sockstat -l4p80
> USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS www      httpd
>      18149 3  tcp4   *:80                  *:*
> www      httpd      18148 3  tcp4   *:80                  *:*
> www      httpd      18147 3  tcp4   *:80                  *:*
> www      httpd      14055 3  tcp4   *:80                  *:*
> www      httpd      14054 3  tcp4   *:80                  *:*
> www      httpd      14053 3  tcp4   *:80                  *:*
> www      httpd      14052 3  tcp4   *:80                  *:*
> www      httpd      14051 3  tcp4   *:80                  *:*
> root     httpd      14050 3  tcp4   *:80                  *:*
> [root at ninja:~]#
> --- snip ---
> 
> 
> Best regards,
> Jesper Wallin
> 
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
> 

-- 
# If it happens once, it's a bug.
# If it happens twice, it's a feature.
# If it happens more then twice, it's a design philosophy.


More information about the freebsd-security mailing list