Home/ Questions/Q 8548609
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T13:32:09+00:00

the problem is that I used ps aux | grep apache which says the

  • 0

the problem is that I used ps aux | grep apache which says the apache is running as nobody.
But then I used exec("whoami"), it gives a different result: root or gt. It depends on the owner of the script. If the script is owned by root, whoami is root; if owned by gt, then whoami is gt.
I also checked httpd.conf, the apache user is nobody, group is nobody.

So could anybody explain this thing?

Thank you!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    you are using either cgi or fast-cgi ,

    to be “nobody” you need to use mod_php (php as an apache module)

    http://php.net/manual/en/security.apache.php

    When PHP is used as an Apache module it inherits Apache’s user
    permissions (typically those of the “nobody” user).

    http://www.php.net/manual/en/security.cgi-bin.attacks.php

    Using PHP as a CGI binary is an option for setups that for some reason
    do not wish to integrate PHP as a module into server software (like
    Apache), or will use PHP with different kinds of CGI wrappers to
    create safe chroot and setuid environments for scripts.

    And there is also SuPHP https://serverfault.com/questions/7589/how-do-you-run-a-php-script-as-the-owner

    • 0