Answer the question
In order to leave comments, you need to log in
M
M
Maxim Uglov2015-09-29 23:27:42
Maxim Uglov, 2015-09-29 23:27:42
Is it normal to process as root on a web server?
I'm trying to find a bottleneck on the site. I list the current processes and see many running as root with the name httpd.itk.
is this ok? how to narrow the search? I thought about assigning different users to different sites to run, but if almost half of the apache processes are started from root, then this will not help.
1 answer(s)
Protko @Fesor
mpm-itk.sesse.net
S
Sergey, 2015-09-29 Protko @Fesor
Since mpm-itk has to be able to setuid(), it runs as root (although restricted with POSIX capabilities and seccomp v2 where possible) until the request is parsed and the vhost determined. This means that any code execution hole before the request is parsed will be a potential root security hole. (The most likely place is probably in mod_ssl.) This is not likely to change in the near future, as socket passing, the most likely alternative solution, is very hard to get to work properly in a number of common use cases (eg SSL ).
mpm-itk.sesse.net
Similar questions
I
Ivan Karabadzhak2012-02-03 22:58:07
How to show students the work of HTTP, DHCP, DNS servers?
6Reply
A
A
K
P
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question