[TriLUG] apache2 security question

David Brain dbrain at gmail.com
Tue Aug 21 11:24:54 EDT 2007


Hi,

Root _is_ needed in order for apache to bind to port 80 - that is
correct. However in normal use after acquiring apache normally then
drops root, and becomes some other 'lesser' user (normally something
like 'apache' or 'httpd').

So while you need to be root to start/stop/reload/restart apache
(which could be granted via sudo - sounds like that is what you are
doing), it is definitely not necessary, and a security risk, to be
running apache as root.

_none_ of my work (or home for that matter) web servers run as root,
and we have a number of web admins making changes to sites.

But to answer the question, there is no real danger in giving a
_trusted_ web admin access to the httpd.conf - although I would
imagine there would be a definite risk of some kind of privilege
escalation being possible if the webadmin wanted to try something
malicious (e.g. overwriting things with apache log files, doing nasty
things with cgis etc..).

David.

On 8/21/07, Blackburn, Marvin <mblackburn at glenraven.com> wrote:
> Root is needed for port 80.  Access to other, non priveleged ports  are
> given to "lesser userss".
> It's a user convienence thing.  As you can tell, I'm not a web admin.
>
> In the past, we have taken the httpd.conf file and moved it in after
> inspection, but really don't always know what he is doing.  We give sudo to
> webadmin to apachectl
>
> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On Behalf
> Of Matt Pusateri
> Sent: Tuesday, August 21, 2007 11:01 AM
> To: Triangle Linux Users Group General Discussion
> Subject: Re: [TriLUG] apache2 security question
>
> Why don't you give the webadmin sudo rights, yes it can be bypassed, but
> at least you will know it.  Also you need to decide whether you trust
> the webadmin or not!
>
>  I too wonder why your running apache as root?
>
> Matt P.
>
> Blackburn, Marvin wrote:
> > We need to run apache2 as root; however, we dont want to give our web
> > developer root access to modify the apache2 files as that, at one time,
> was
> > risky.
> > We started doing this quite some time ago; however, I'm not sure that we
> > need to continue doing this.  Is there any risk to giving the webadmin
> write
> > permissions to the httpd.conf file and allowing hiim to start and stop the
> > system with apachectl as long as root owns all the other files?
> >
> > most of our systems are rhel 3.0 and above and we use apache2 instead of
> teh
> > httpd that comes with the system.
> >
> >
> >
> >
> > _____________________________________
> > "He's no failure. He's not dead yet."
> > William Lloyd George
> >
> >
> >
> >
> >
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>
>



More information about the TriLUG mailing list