php-cgi 以 root 身份运行
我在lighttpd 1.4下将php 5.2.6作为cgi运行,并且由于某种原因它总是以root身份运行。 所有 php-cgi 进程均归 root 所有,所有写入文件系统的文件均归 root 所有。
我尝试将lighttpd中的用户设置为非特权用户,并确认它运行正常,只是以root身份运行的php。
我如何设置 php-cgi 以更安全的用户身份运行?
I run php 5.2.6 as a cgi under lighttpd 1.4 and for some reason it's always running as root. All php-cgi processes in are owned by root and all files written to the file system are owned by root.
I've tried setting the user in lighttpd as non privileged, and confirmed, it's running right it's just php that runs as root.
How would I set php-cgi to run as a safer user?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
确保:
停止 lighttpd。
如果php仍然以root身份运行,那么您可能在某个地方有一个SETUID脚本加载它们(您确实不应该,但它是可行的)
如果是这种情况,请检查文件“bin” -path' 指的是没有任何时髦的东西。
Ensure :
stop lighttpd.
if php is still running as root, then you possibly have a SETUID script somewhere loading them ( you really shouldn't, but its feasible )
if this is the case, check the file 'bin-path' refers to doesn't have anything funky on it.
您可能有一个以 root 身份在服务器上启动的 fastcgi 进程。 如果是这种情况,那么fastcgi进程将继续运行从lighttpd调用的php进程。
我建议终止服务器上的 fastcgi 进程并重新启动 lighttpd。
您可能还想查看任何可能启动 fastcgi 守护进程的启动脚本。
It is possible that you have a fastcgi process that was started on the server as root. If this is the case, then the fastcgi process will continue to run php processes called from lighttpd.
I suggest killing the fastcgi processes on your server and restarting lighttpd.
You might also want to take a look at any startup scripts that might launch the fastcgi daemon.