User
#-1
The User directive sets the userid as which the server will answer requests. In order to use this directive, the standalone server must be run initially as root. Unix-userid is one of:
nobody
, but this is not always
possible or desirable. For example mod_proxy's cache, when enabled,
must be accessible to this user (see the CacheRoot
directive).
Notes: If you start the server as a non-root user, it will fail to change to the lesser privileged user, and will instead continue to run as that original user. If you do start the server as root, then it is normal for the parent process to remain running as root.
Special note: Use of this directive in <VirtualHost> requires a properly configured suEXEC wrapper. When used inside a <VirtualHost> in this manner, only the user that CGIs are run as is affected. Non-CGI requests are still processed with the user specified in the main User directive.
SECURITY: Don't set User (or Group) to
root
unless you know exactly what you are doing, and
what the dangers are.