by skissane
3096 days ago
Apache starts as root so it can bind ports 80 and 443, then switches to the apache user. But the logging subsystem starts before the setuid to apache, so a piped CustomLog binary runs as root. More secure options would be to use CAP_NET_BIND_SERVICE instead of root, or to make Apache bind an unprivileged port and then use something like iptables (or an external load balancer) to redirect 80/443 to the privileged ports. But, for reasons I can't quite recall (it was 10+ years ago), we didn't take up any of those more secure options.
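An audit sketch for the piped-log behaviour described in the comment above, added here as an example and not part of the original comment: it lists every program an Apache config starts through a piped log directive and flags any that a non-root account could modify. The function names, the sample config and its paths are constructed for illustration.

```python
import os
import shlex
import stat

# Directives whose target may be a "|program args" pipe.
LOG_DIRECTIVES = {"customlog", "errorlog", "transferlog"}

# Constructed sample config (paths are illustrative, not from the comment).
SAMPLE_CONF = '''
# constructed sample
ErrorLog logs/error_log
CustomLog "|/usr/sbin/rotatelogs /var/log/httpd/access.%Y%m%d 86400" combined
CustomLog "|$/opt/site/bin/logfilter.sh" common
CustomLog logs/access_log combined
'''

def piped_log_programs(conf_text):
    """Return [(lineno, directive, program)] for each piped log target."""
    found = []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            tokens = shlex.split(line)
        except ValueError:          # unbalanced quotes: not parseable here
            continue
        if len(tokens) < 2 or tokens[0].lower() not in LOG_DIRECTIVES:
            continue
        if not tokens[1].startswith("|"):
            continue                # plain file target, no child process
        argv = shlex.split(tokens[1].lstrip("|$"))  # handles "|", "||", "|$"
        if argv:
            found.append((lineno, tokens[0], argv[0]))
    return found

def non_root_writable(path):
    """True if path or any ancestor is non-root-owned or group/world-writable."""
    path = os.path.realpath(path)
    while True:
        st = os.stat(path)
        if st.st_uid != 0 or st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            return True
        parent = os.path.dirname(path)
        if parent == path:
            return False
        path = parent

if __name__ == "__main__":
    for lineno, directive, prog in piped_log_programs(SAMPLE_CONF):
        risky = os.path.exists(prog) and non_root_writable(prog)
        print(f"line {lineno}: {directive} pipes to {prog}"
              + ("  [modifiable by non-root]" if risky else ""))
```

To audit a real server, pass the text of its configuration files (including any included files) to `piped_log_programs` instead of `SAMPLE_CONF`.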