December 2002
Intermediate to advanced
588 pages
25h 57m
English
Content preview from Apache: The Definitive Guide, 3rd EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
User
The User
directive sets the user ID under
which the server will run when answering requests.
User unix-userid
Default: User #-1
Server config, virtual hostIn order to use this directive, the standalone server must be run
initially as root.
unix-userid is one of the following:
-
username Refers to the given user by name
-
#usernumber Refers to a user by his number
The user should have no privileges that allow access to files not
intended to be visible to the outside world; similarly, the user
should not be able to execute code that is not meant for
httpd requests. However, the user must have
access to certain things — the files it serves, for example, or
mod_proxy ’s cache, when
enabled (see the CacheRoot directive in Chapter 9).
Tip
If you start the server as a non-root user, it will fail to change to the lesser-privileged user and will instead continue to run as that original user. If you start the server as root, then it is normal for the parent process to remain running as root.
Warning
Don’t set User (or
Group) to root unless you
know exactly what you are doing and what the dangers are.