MK27 Posted February 9, 2009 Share Posted February 9, 2009 I'm using apache to work on some cgi stuff at home (linux) -- ie. there are no security issues. I noticed that since apache is not running as root, I can't access /root. So I tried changing User and Group in http.conf to root, and I get this: Apache has not been designed to serve pages while\n\trunning as root. There are known race conditions that\n\twill allow any local user to read any file on the system.\n\tIf you still desire to serve pages as root then\n\tadd -DBIG_SECURITY_HOLE to the CFLAGS env variable\n\tand then rebuild the server. This is just the FC10 "out-of-box" build. I imagine there is no way around the issue, but it doesn't hurt to ask... Link to comment https://forums.phpfreaks.com/topic/144493-accessing-root-home-dir/ Share on other sites More sharing options...
trq Posted February 9, 2009 Share Posted February 9, 2009 No way is really safe but you might want to loosen permissions on the /root directory or move the stuff you want apache to be able to access to a more apprpriate directory. I see no reason apache would ever need access to /root Link to comment https://forums.phpfreaks.com/topic/144493-accessing-root-home-dir/#findComment-758238 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.