> > Is it still dangerous to run httpd server as root if admin can't
>manually edit the httpd.conf?
> >
>Only if admin also does not have write access to the apache logs directory
>(and any other directories where apache writes files, e.g. PID file,
>scoreboard).
>
How about the document root directory, still need no access for admin too
in order to secure it if run as root??
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
