I remember something about user nobody, I'll reread the data on this. Thanks,
Larry ----- Original Message ----- From: "Duncan Hill" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, August 03, 2002 11:11 AM Subject: Re: Apache login as root > On Sat, 3 Aug 2002, lrnobs wrote: > > > As a newbie, working in my basement disconnected from the world I have > > logged in as root each time I start Apache. > > > > The linux administrators guide I have been reading talks about daemons > > running as root as a potential security hole and potentially distructive. > > Take a look at your httpd.conf file - it should contain something like > User nobody OR > User httpd OR > User apache > > Because Apache binds to port that is lower than 1024 (privileged port), it > has to start as root. It then drops its privileges and runs as the user > listed in the config file. > > Moreover, you don't need to start it by hand - use the startup scripts > available in /etc/rc.d/init.d (and /rc3.d \ /rc5.d) to kick it into gear as > the system loads up. Default redhat install of Apache is started with the > /etc/rc.d/init.d/httpd script, which is called (depending on runlevel) by > /etc/rc.d/rc3.d/Sxxhttpd where xx is a number. > > HTH > > -- > > Sapere aude > My mind not only wanders, it sometimes leaves completely. > Never attribute to malice that which can be adequately explained by stupidity. > > > > -- > redhat-list mailing list > Unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list > > -- redhat-list mailing list Unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
