Suexec with Apache 1.3.29

Charles Swiger cswiger at
Thu Apr 29 12:02:47 PDT 2004

On Apr 29, 2004, at 2:20 PM, Marty Landman wrote:
>> Now he has to give the webserver the same rights as everybody else on 
>> the server.
> Real new to this as said, but the consistency of the approach seems to 
> be that Apache itself runs as user nobody. So your argument may have 
> merit but only if carried over to argue that httpd should run as 
> something greater than the lowly 'nobody'.

I would argue that no file and no process on a system ought to be 
running as nobody.  FreeBSD ships with a www user, uid=80, which is a 
much better choice to run Apache as.

It's entirely possible to set up web-driven services which interact 
with Apache running as www, which in turn have their own uid's and 
permissions, such as Mailman, Big Brother, WebObjects, and lots of 
other "web middleware".


More information about the freebsd-questions mailing list