[PLUG] CGI Programming
Brian Horan
bhoran at hexdev.com
Tue Apr 30 20:19:22 UTC 2002
user apache should not have a true shell. unless you want people (namely
people you don't like) logging into your machine as apache. if you need to
make changes that would (theoretically) be made by apache, use chmod, chown,
chgrp, etc. On other *NIX systems, httpd runs normally as USER: nobody
GROUP: nobody or www:www, etc.
If you are incredibly paranoid, you may want to consider chroot()-ing the
apache server also...It's kind of a pain in the arse, but you never know....
Why would you want to 'su' to apache?
If you don't mind my asking...
-Brian
On Tuesday 30 April 2002 12:28 pm, you wrote:
> When I tried to su to apache, it didn't work. So, I took a look at
> /etc/passwd and found that the shell for apache was /bin/false. Is it a
> horrible security risk to change this to a real shell?
>
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
--
Brian Horan
bhoran at hexdev.com
More information about the PLUG
mailing list