still apache parent owns root :(
Posted by Syslint, 07-15-2009, 08:23 AM |
Hello,
Why is the Apache parent process still owned by the root user?
=========
root@server:~# ps aux | grep apache2
root 30161 0.0 0.8 35588 8368 ? Ss 17:41 0:00 /usr/sbin/apache2 -k start
www-data 30166 0.0 0.7 36080 7196 ? S 17:41 0:00 /usr/sbin/apache2 -k start
www-data 30167 0.0 0.6 36068 7104 ? S 17:41 0:00 /usr/sbin/apache2 -k start
www-data 30168 0.0 0.6 35692 6224 ? S 17:41 0:00 /usr/sbin/apache2 -k start
www-data 30169 0.0 0.5 36080 6104 ? S 17:41 0:00 /usr/sbin/apache2 -k start
www-data 30170 0.0 0.6 36080 6284 ? S 17:41 0:00 /usr/sbin/apache2 -k start
www-data 30175 0.0 0.6 35692 6220 ? S 17:42 0:00 /usr/sbin/apache2 -k start
www-data 30176 0.0 0.6 36128 6956 ? S 17:42 0:00 /usr/sbin/apache2 -k start
www-data 30177 0.0 0.6 36156 6984 ? S 17:42 0:00 /usr/sbin/apache2 -k start
=================
I can see "lighttpd" is not using root user. We can configure lighttpd as a standalone user itself.
Some guys say it is for binding ports and listening, so why doesn't lighttpd need the root user for doing such stuff?
Is it really a bug?
|
Posted by CI-Andrew, 07-15-2009, 10:19 AM |
This is normal; the parent process will be owned by root and then spawn the children owned by the user configured in httpd.conf.
|
Posted by supportexpertz, 07-15-2009, 10:28 AM |
The parent process for litespeed httpd will be owned by root.
Check it using the following command
|
Posted by Syslint, 07-15-2009, 11:00 AM |
I mean "Lighttpd" and not "litespeed". Both are different.
See one of my servers using lighttpd:
========
$ ps aux | grep lighttpd
www-data 16202 0.0 0.0 5972 1592 ? S 17:37 0:00 /usr/local/lighttpd/sbin/lighttpd -f /etc/lighttpd/lighttpd.conf
========
My question is: why is Apache still choosing this method?
|
Posted by fwaggle, 07-15-2009, 11:15 AM |
Because it's the easiest way to maintain things like opening privileged ports without a restart, reading config files and/or certificates, etc.
It's not really that big of a deal, privileges are dropped for the majority of operations - it's just the "supervisor" process that retains root privileges. "Apache running as root" was really only a ZOMFGbigdeal because you could execute CGI scripts as root as well. I'd personally be willing to bet that all of the network-related code is running with reduced privileges so a remote exploit in Apache doesn't even mean instant root anymore.
I wouldn't worry about it too much.
|
Posted by supportexpertz, 07-15-2009, 11:33 AM |
Sorry, I misread lighttpd as lshttpd. I am aware of the fact that both are different.
Parent process running as root is safe, while it is possible to run a webserver without root privileges.
|
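The check the thread describes (one root-owned supervisor, every worker running as the configured user) can be automated. The following is an added example, not part of the original thread; it assumes input in the format of `ps -eo user,pid,ppid,comm`, and the sample listing is constructed (PID 30199 is an invented anomaly).

```python
# Added example: flag web-server workers that never dropped root.
# Assumed input format: output of `ps -eo user,pid,ppid,comm`.

def audit_workers(ps_text, name="apache2"):
    """Return (supervisors, root_workers) as sorted PID lists.

    supervisor  : a `name` process whose parent is NOT another `name`
                  process. Root is expected here (port binding, keys).
    root_worker : a child of a `name` process that still runs as root,
                  i.e. the drop to the configured User did not happen.
    """
    procs = {}
    for line in ps_text.strip().splitlines():
        fields = line.split(None, 3)
        if len(fields) < 4 or not (fields[1].isdigit() and fields[2].isdigit()):
            continue  # header or malformed line
        user, pid, ppid, comm = fields
        if comm.strip() == name:
            procs[int(pid)] = (user, int(ppid))
    supervisors = sorted(p for p, (_, pp) in procs.items() if pp not in procs)
    # ps prints the numeric UID when a user name is too long, hence "0".
    root_workers = sorted(p for p, (u, pp) in procs.items()
                          if pp in procs and u in ("root", "0"))
    return supervisors, root_workers

# Constructed sample: normal Apache layout plus one root-owned child.
SAMPLE_APACHE = """\
USER       PID  PPID COMMAND
root     30161     1 apache2
www-data 30166 30161 apache2
www-data 30167 30161 apache2
root     30199 30161 apache2
root       812     1 sshd
"""

# Constructed sample: lighttpd started directly as an unprivileged user.
SAMPLE_LIGHTTPD = """\
USER       PID  PPID COMMAND
www-data 16202     1 lighttpd
"""

if __name__ == "__main__":
    print(audit_workers(SAMPLE_APACHE))
    print(audit_workers(SAMPLE_LIGHTTPD, name="lighttpd"))
```

An empty second list means every worker dropped privileges; any PID in it is worth investigating.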