Suexec with Apache 1.3.29
Charles Swiger
cswiger at mac.com
Thu Apr 29 12:02:47 PDT 2004
On Apr 29, 2004, at 2:20 PM, Marty Landman wrote:
>> Now he has to give the webserver the same rights as everybody else on
>> the server.
>
> Real new to this as said, but the consistency of the approach seems to
> be that Apache itself runs as user nobody. So your argument may have
> merit but only if carried over to argue that httpd should run as
> something greater than the lowly 'nobody'.
I would argue that no file and no process on a system ought to be
running as nobody. FreeBSD ships with a www user, uid=80, which is a
much better choice to run Apache as.
It's entirely possible to set up web-driven services which interact
with Apache running as www, which in turn have their own uid's and
permissions, such as Mailman, Big Brother, WebObjects, and lots of
other "web middleware".
--
-Chuck
More information about the freebsd-questions
mailing list