Does apache always run as root?
I've been struggling attempting to get some security checks to pass, but apache/php can always write to files in the web directory. I've changed the apache configuration to run as a different user, and ps -ef shows that the subsequent apache instances are running as that user. apachectl -S also shows that apache is running as the new user.
However, when files in the web directory are owned by root and the permissions are set to 700, apache/php can still write to the files. Is this just some weird docker thing?
If you are using a Mac, there is some weird file permission stuff that goes on behind the scenes with Docker and macOS. It's a clever attempt to make it easy to code on your localhost.
Here is an excellent overview: https://stackoverflow.com/questions/43097341/docker-on-macosx-does-not-translate-file-ownership-correctly-in-volumes
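An added example, not part of the thread: one way to confirm whether the mode bits are really what decides access is to compare what owner/group/other permissions predict for the worker user with what the kernel actually allows on the mounted path. The function names and the sample uid 33 are assumptions made for illustration; run `diagnose` inside the container as the Apache worker user.

```python
import os
import stat


def dac_allows_write(st_uid, st_gid, st_mode, uid, gids):
    """Predict write access from classic Unix owner/group/other bits only."""
    if uid == 0:
        return True  # root bypasses permission bits (CAP_DAC_OVERRIDE)
    if uid == st_uid:
        return bool(st_mode & stat.S_IWUSR)  # owner class applies exclusively
    if st_gid in gids:
        return bool(st_mode & stat.S_IWGRP)
    return bool(st_mode & stat.S_IWOTH)


def diagnose(path):
    """Return (predicted, actual) write access for the current process.

    predicted: what the ownership and mode reported by stat() imply.
    actual:    what the kernel answers for this process (os.access).
    A mismatch means something other than the mode bits is deciding,
    for example an ACL, a read-only mount, or a shared volume that does
    not enforce the ownership it reports.
    """
    st = os.stat(path)
    predicted = dac_allows_write(
        st.st_uid, st.st_gid, st.st_mode, os.getuid(), os.getgroups()
    )
    actual = os.access(path, os.W_OK)
    return predicted, actual


if __name__ == "__main__":
    # Constructed sample: file owned by root:root, mode 700, worker uid/gid 33.
    print("mode bits grant write to uid 33:",
          dac_allows_write(0, 0, 0o100700, 33, [33]))
    # Hypothetical path; replace with a file in the mounted web directory.
    target = "/var/www/html/index.php"
    if os.path.exists(target):
        predicted, actual = diagnose(target)
        print(f"predicted={predicted} actual={actual}",
              "(mismatch)" if predicted != actual else "(consistent)")
```

If the predicted value is False for the worker user but the actual value is True, the permissions shown by `ls -l` are not what is being enforced on that volume.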