Re: Non-root using port 80
From: Jason Dixon (jason_at_dixongroup.net)
Date: 08/11/03
- Previous message: diego.veiga_at_embraer.com.br: "Non-root using port 80"
- In reply to: diego.veiga_at_embraer.com.br: "Non-root using port 80"
- Next in thread: David Eduardo Gomez Noguera: "Re: Non-root using port 80"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: redhat-list@redhat.com Date: 11 Aug 2003 06:40:44 -0400
On Mon, 2003-08-11 at 06:36, diego.veiga@embraer.com.br wrote:
> I would like to set apache to be started with a user non- user root. As
> port 1 to 1024 is for user root, how could i start the server with a
> non-user root?
You can't. Apache only binds to port 80 as root, then creates all child
processes with the limited "nobody" (or "apache" or "www") user. A
process must have root permissions to bind to port 80. Why are you
concerned about this? If Apache gets exploited and a shell becomes
available, the user only gains the environment of the limited user. If
that's not good enough for you, chroot Apache.
-- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net -- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: diego.veiga_at_embraer.com.br: "Non-root using port 80"
- In reply to: diego.veiga_at_embraer.com.br: "Non-root using port 80"
- Next in thread: David Eduardo Gomez Noguera: "Re: Non-root using port 80"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
