Hi,
I noticed that in Apache/2.2.20 (Ubuntu), the ErrorLog is opened as root,
although the User is set to ${APACHE_RUN_USER}.
My concern is that if I make a mistake in ErrorLog, then I can damage any
file on my system because of a stupid copy-paste error.
I was wondering what is the reason Apache doesn't drop root privileges
before opening the ErrorLog file (to make sure that the user Apache will
end up running as can access and modify that file) and then get back the
root privileges, for the remaining operations that need be done as root?
Thank you,
Silviu
