[PLUG]apache 1.3.12
Eric Richardson
plug-discuss@lists.PLUG.phoenix.az.us
Thu, 12 Jul 2001 08:39:25 -0700
slr wrote:
>
> no apache is run as root. and for some reason the user for logrotate is
> trying to access the root profile, and this may be happening because root
> starts apache.
If this is true, then it is really bad to run httpd as root. This gives
a CGI full access to the system.
On Debian in my /etc/apache/httpd.conf
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# On SCO (ODT 3) use User nouser and Group nogroup
# On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
User www-data
Group www-data
Hope this helps,
Eric