Apache running as root instead of user specified in httpd.conf

Solution 1:

Apache always needs to start as root, then it uses setuid to switch to user context of specified user in httpd.conf.

Without root (uid = 0) you can not create listening socket on privileged ports (below 1024)

For details read this documents:

  • http://www.thegeekstuff.com/2011/03/apache-hardening/

  • http://httpd.apache.org/docs/2.2/misc/security_tips.html

From first link:

# ps -ef | grep -i http | awk '{print $1}'
root
apache
apache
apache
apache
apache