[TriLUG] apache2 security question

Jonathan Woodbury jpwoodbu at mybox.org
Tue Aug 21 10:36:02 EDT 2007


Apache normally is started as root so it can bind to privileged ports,
like 80 and 443. But once it has bound to those ports, apache will
drop down to a less privileged user as configured by the User and
Group directives. And there's the rub. If you don't want to trust your
web admin with root level access, but you do want them to be able to
edit the apache config, then all they need to do to have apache gain
root access is to change the User and Group directives.

I can't think of any reason to run apache as root other than to allow
it to bind to those low ports and to write to log files. And there's
no reason that you couldn't have apache run as a normal user, then
have it bind to higher ports and use iptables to translate port
addresses for you. The log file issue is a simple matter of file
permissions.

Jonathan

On 8/21/07, Blackburn, Marvin <mblackburn at glenraven.com> wrote:
> We need to run apache2 as root; however, we don't want to give our web
> developer root access to modify the apache2 files as that, at one time, was
> risky.
> We started doing this quite some time ago; however, I'm not sure that we
> need to continue doing this.  Is there any risk to giving the webadmin write
> permissions to the httpd.conf file and allowing him to start and stop the
> system with apachectl as long as root owns all the other files?
>
> Most of our systems are RHEL 3.0 and above and we use apache2 instead of the
> httpd that comes with the system.
>
>
>
>
> _____________________________________
> "He's no failure. He's not dead yet."
> William Lloyd George

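The layout described in the reply above (Apache started as a normal user on high ports, with iptables translating the low ports) can be checked before each restart of an edited httpd.conf. This is an added example, not part of the original thread; the sample config, the function names and the 80 to 8080 port mapping are assumptions.

```python
# Added example: static pre-restart check for the unprivileged Apache layout.
# Assumptions: one config file, Include files are not followed, and only the
# name "root" or numeric id 0 is treated as root.

PRIV_PORT_LIMIT = 1024  # ports below this need root to bind

# Constructed sample of an edited httpd.conf handed in for review.
SAMPLE_CONF = """\
# constructed sample
Listen 8080
Listen [::]:8443 https
User apache
Group apache
user #0
Listen 192.0.2.10:443
"""

def is_root_id(value):
    """True for 'root' or Apache's '#<number>' form with number 0."""
    value = value.strip('"')
    if value.startswith("#"):
        return value[1:].isdigit() and int(value[1:]) == 0
    return value == "root"

def listen_port(arg):
    """Port from a Listen argument ('80', '192.0.2.10:80', '[::]:443'), else None."""
    port = arg.rsplit(":", 1)[-1]
    return int(port) if port.isdigit() else None

def audit(conf_text):
    """Return (line_no, problem) pairs for directives that need or grant root."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.split()
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        name, arg = parts[0].lower(), parts[1]  # directive names are case-insensitive
        if name in ("user", "group") and is_root_id(arg):
            findings.append((no, f"{parts[0]} set to root ({arg})"))
        elif name == "listen":
            port = listen_port(arg)
            if port is not None and port < PRIV_PORT_LIMIT:
                findings.append((no, f"Listen on privileged port {port}"))
    return findings

def redirect_rule(public_port, high_port):
    """iptables NAT rule sending a public low port to the unprivileged Listen port."""
    return (f"iptables -t nat -A PREROUTING -p tcp --dport {public_port} "
            f"-j REDIRECT --to-ports {high_port}")
```

An empty result from `audit()` means the file neither names root in User or Group nor asks for a port that only root can bind; `redirect_rule(80, 8080)` gives the matching NAT rule, which root installs once.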

