Working as root while Apache is running; how much a risk?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



When I issue a "ps -ef | grep httpd" I get:

[root@bullet root]# ps -ef | grep httpd
root      1938     1  0 13:06 ?        00:00:03 /usr/sbin/httpd
apache    2063  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2064  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2065  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2066  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2067  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2068  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2069  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2070  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
root      2419  2367  0 13:36 pts/1    00:00:00 grep httpd

How do I fix this?  I've tried doing "su apache", but it tells me that
the account is not available....


> On Fri, Jul 09, 2004 at 12:47:15PM -0400, Wayne Leutwyler wrote:
> > Try this:
> > 
> > ps -ef | grep httpd
> > 
> > What you should see is something like below:
> > 
> > apache   10423  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10424  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10425  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10426  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10427  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10428  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10429  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10430  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > 
> > Now if you see root where apache is that means your httpd server was
> > started by the root user. You should change that ASAP.  As you can see
> > in my example my httpd server was started by the apache user. 
> > 
> > I hope this example helps. 
> > 
> > Bottom line is that you can log into your server as root and you dont
> > have to stop the httpd server if the process or processes are owned by
> > the apache user.




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux