Subject: Running apache as root
To: None <netbsd-users@netbsd.org>
From: Todd Gruhn's account <tgruhn2@mail.com>
List: netbsd-users
Date: 10/05/2001 10:11:28
-----BEGIN PGP SIGNED MESSAGE-----


Several weeks a go I make a crack about the CODE RED worm -- someone
mentioned that the webserver should not run with root perms and that
it should run off an unprivelidged port.

I finally looked at my apache setup and noticed the following:
1) I am running it as root
2) I am running it behind IPF using keepstate rules
3) Due to 2 there is no problem here

If I am NOT PROVIDING service, how valid is the assumption in 3), would
it be worth my time to use the rdr command in IPF to redirect/alias port
80 to say, port 8080 or 80080?

Todd Gruhn



- -- 
Indeed in nothing is the power of the Dark Lord more clearly shown than in the
estrangement that divides all those who still oppose him. --Lord of the Rings
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Comment: Processed by Mailcrypt 3.5.6, an Emacs/PGP interface
Charset: noconv

iQCVAwUBO73Nh5VEJY42ErpxAQHOygP/a9R8kBCd9LdadyEtl3iJCSK8tgMmRlIw
dZjBTQngtVueb1LpqJJJm9tkPUghbTXKg+Gisfl6wZi6uhE/AZUARyVVueHPn4T5
NIFUHCjoUhSm1kwOWOd2KB/9mKFkAzH3mXYo2ZicxyfpMXRYfYYiCWPX0/wZ8uzb
R7KQs7/moJc=
=OXlV
-----END PGP SIGNATURE-----