The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Exim processes running as root and mailnull

Discussion in 'E-mail Discussions' started by Escaflowne, Aug 23, 2006.

  1. Escaflowne

    Escaflowne Active Member

    Joined:
    May 5, 2004
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    PL
    Hello!

    Here's a simple question (simple, but I can't seem to find the answer): why are some of exim's processes running as user mailnull and some as user root?

    And here's a bonus question: is this normal?

    Exim 4.62 on a FreeBSD 4.9 box.
     
  2. websupport

    websupport Well-Known Member

    Joined:
    Jun 24, 2006
    Messages:
    92
    Likes Received:
    0
    Trophy Points:
    6
    Don't worry

    Hello,

    It's important to know what processes are running on your server, so you can
    spot any abnormalities and potential security breaches.

    Root and mailnull are the normal processes. Don't worry about it.
    mailnull is a mail user account, used for exim.

    :)
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It is normal. Like several server daemons (such as httpd) they have an initial process that runs up under the root account so that they can access the necessary system files. They then launch child processes under a non-priveleged user account for the processing work. The reason they do this is simple - security. Because these processes usually process data derived from an untrusted source, i.e. the internet, should then ever be compromised, then the hacker would usually only have access to the non-privileged account instead of the root account.
     
Loading...

Share This Page