Suexec with Apache 1.3.29
cswiger at mac.com
Thu Apr 29 12:02:47 PDT 2004
On Apr 29, 2004, at 2:20 PM, Marty Landman wrote:
>> Now he has to give the webserver the same rights as everybody else on
>> the server.
> Real new to this as said, but the consistency of the approach seems to
> be that Apache itself runs as user nobody. So your argument may have
> merit but only if carried over to argue that httpd should run as
> something greater than the lowly 'nobody'.
I would argue that no file and no process on a system ought to be
running as nobody. FreeBSD ships with a www user, uid=80, which is a
much better choice to run Apache as.
It's entirely possible to set up web-driven services which interact
with Apache running as www, which in turn have their own uid's and
permissions, such as Mailman, Big Brother, WebObjects, and lots of
other "web middleware".
More information about the freebsd-questions