[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] security hole

Subject: Re: [cobalt-users] security hole
From: Mat Kovach <mkovach@xxxxxxxxxxxxxxxxx>
Date: Tue Mar 7 04:19:00 2000

On Tue, Mar 07, 2000 at 08:13:45AM +0100, Volker Kindermann wrote:
: who told you? By default the RaQ2 http-daemon runs as user "httpd". It's
: right that the very first httpd-prozess is run by root but all others are
: run by the user you specified in your /etc/httpd/conf/httpd.conf by the
: directive "user".

It has to start as root, otherwise it can not use port 80.  To be able to use
a port number < 1024, the parent process must be root.  Now, if you don't want
to run your web service on port 80, lets say port 8080 you can change the 
owner of the orignal httpd process.  If you look in the httpd.conf files you'll
see that it does not run the other process as root, but as httpd.

-- 
Mat Kovach                                      mkovach@xxxxxxxxxxxxxxxxx
Cleveland Linux User Group                       http://cleveland.lug.net

Follow-Ups:
- [cobalt-users] PostgreSQL Password ? mmmmmm
  - From: Francesc Leveque

References:
- Re: [cobalt-users] security hole
  - From: Volker Kindermann

Prev by Date: RE: [cobalt-users] A L M E R S A L
Next by Date: [cobalt-users] scripts by email
Previous by thread: Re: [cobalt-users] security hole
Next by thread: [cobalt-users] PostgreSQL Password ? mmmmmm

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index