1

PHP may be executing as a "privileged" group and user, which could be a serious security vulnerability

view story
linux-howto

http://askubuntu.com – I ran some security tests on a Ubuntu 12.04 server, and i've got theses warnings : PHP may be executing as a "privileged" group, which could be a serious security vulnerability. PHP may be executing as a "privileged" user, which could be a serious security vulnerability. In /etc/apache2/envvars i have this : export APACHE_RUN_USER=www-data export APACHE_RUN_GROUP=www-data And all files in /var/www are having theses user / group: www-data:www-data Am i setting this correctly? What should i do to fix this problem? Thank you in avance for your help! (HowTos)