[TriLUG] apache2 security question
James Olin Oden
james.oden at gmail.com
Tue Aug 21 11:14:10 EDT 2007
On 8/21/07, Blackburn, Marvin <mblackburn at glenraven.com> wrote:
> Root is needed for port 80. Access to other, non priveleged ports are
> given to "lesser userss".
> It's a user convienence thing. As you can tell, I'm not a web admin.
Apache starts off as root, so that it can use the lower ports, but
then it delevates to a configured user (nodbody, or apache typically).
What I don't know is what all it does while its root, such that I
don't know if in general there is much exposure from access to the
conf file or not. I would think there would be though whether apache
was always running as root or not because you can specify modules to
load in that conf file, such that they could get "arbitrary" code
running, which even without root access could cause issues subtly.
That said, they could do the same thing with cgi-bin.
Here is the real answer to your dilema. You need a change control
process and you need someone who is capable of monitoring/reviewing
his changes to the system. In this world configs and web files would
be under some sort of source control. At anyrate the key here is you
need to at least require some level of collusion for an issue to
That said, one must also consider the cost of what one is protecting
(including ones reputation in that figure also), and decide how much
you are willing to spend to ensure its security.
More information about the TriLUG