Working as root while Apache is running; how much a risk?

Michael Sullivan michael at espersunited.com
Fri Jul 9 18:41:49 UTC 2004 

When I issue a "ps -ef | grep httpd" I get:

[root at bullet root]# ps -ef | grep httpd
root      1938     1  0 13:06 ?        00:00:03 /usr/sbin/httpd
apache    2063  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2064  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2065  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2066  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2067  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2068  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2069  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
apache    2070  1938  0 13:06 ?        00:00:00 /usr/sbin/httpd
root      2419  2367  0 13:36 pts/1    00:00:00 grep httpd

How do I fix this?  I've tried doing "su apache", but it tells me that
the account is not available....


> On Fri, Jul 09, 2004 at 12:47:15PM -0400, Wayne Leutwyler wrote:
> > Try this:
> > 
> > ps -ef | grep httpd
> > 
> > What you should see is something like below:
> > 
> > apache   10423  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10424  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10425  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10426  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10427  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10428  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10429  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > apache   10430  1125  0 04:02 ?        00:00:00 /usr/sbin/httpd
> > -DHAVE_ACCESS -D
> > 
> > Now if you see root where apache is that means your httpd server was
> > started by the root user. You should change that ASAP.  As you can see
> > in my example my httpd server was started by the apache user. 
> > 
> > I hope this example helps. 
> > 
> > Bottom line is that you can log into your server as root and you dont
> > have to stop the httpd server if the process or processes are owned by
> > the apache user.

More information about the fedora-list mailing list