My company is leasing a server from Interland, which is a very large
web hosting company. I assume Interland knows how to set up a BSD
server with the usual add-ons, including PHP. But when I run
phpinfo(), I get information that makes it seem like PHP is running as
root. Isn't this a security problem?
This is some of the info I'm getting back from phpinfo():
Additional Modules
Environment
USER root
HOME /root
ORIG_HOME /root
LOGNAME root
TERM vt100
PATH /bin:/usr/bin
CALLER root
CALLER_HOME /root
SUPERCMD apachectl_1.3.22_2.8.5
IFS
ORIG_USER root
ORIG_LOGNAME root
PHP Variables
HTTP_SERVER_VARS["argc"] 0
HTTP_ENV_VARS["USER"] root
HTTP_ENV_VARS["HOME"] /root
HTTP_ENV_VARS["ORIG_HOME"] /root
HTTP_ENV_VARS["LOGNAME"] root
HTTP_ENV_VARS["TERM"] vt100
HTTP_ENV_VARS["PATH"] /bin:/usr/bin
HTTP_ENV_VARS["CALLER"] root
HTTP_ENV_VARS["CALLER_HOME"] /root
HTTP_ENV_VARS["SUPERCMD"] apachectl_1.3.22_2.8.5
HTTP_ENV_VARS["IFS"]
HTTP_ENV_VARS["ORIG_USER"] root
HTTP_ENV_VARS["ORIG_LOGNAME"] root