Processes being run as root user

Question: I have seen that several processes like httpd and vsslproxy run as the root user. Does this compromise system security?

Answer: sslproxy and vsslproxy have to access ports less than 1024 so they have to run as root. Each "child" actually handles one Virtual Service, so it also must run as root; the parent just starts and stops the children. These proxies never write to the file system and never start sub-processes. Also, the reading of files cannot be influenced by user data. These processes just pass the data on to the next processing element in the chain.
HTTPDS runs as root until it has to do something (like start a script), when it lowers it's permissions so that the scripts run as a non-privileged user.

 

Was this article helpful?

0 out of 0 found this helpful

Comments