Running the administration server without root privileges
It is perfectly possible to run the administration server as a
non-root user. However, this has a reasonable number of connotations,
some of which are listed here.
- The administration server must run on a port greater than 1023.
This is because root privileges are required to bind to a port
less than 1024.
- The server must also run on a port greater than 1023 instead of
the default of 80 for the same reasons.
- The server cannot set its user and group id to the values set by
the administration server because this requires root
privileges. The server will run as the user by which it was
started.
- Any CGI scripts are also ran as the same user.
- The log files must be owned by this user.
- Because of the last two points, CGI scripts have write access to
the server log files which may be considered a security hazard
in some situations.
Back to administration server guide