must phalcon be run as root

Hi,

I've picked up here and there Phalcon MUST run as root user. As others than myself (and myself) pointed out such is a notable risk if not unpredictable risk i wonder how Phalcon adresses this challenge.

Running as root permits for accidental or intentional code execution or injection to be run as root, effectively causing a "game over" condition. Which i don't think it the intent for this project. What i've learned thus far is stimulating but I'm new. I hope to learn more from the anwsers to this post.

Thank you for your consideration.

edited 28d ago

You mean phalcon CLI aka dev-tools?

As for SO extension itself, situation is like this:

root      1215     1  0 Oct12 ?        00:00:52 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
www-data  1219  1215  0 Oct12 ?        00:00:00 php-fpm: pool ts-middleware-php7
www-data  1220  1215  0 Oct12 ?        00:00:00 php-fpm: pool ts-middleware-php7
www-data  1221  1215  0 Oct12 ?        00:00:00 php-fpm: pool ts-middleware-php7
www-data  1222  1215  0 Oct12 ?        00:00:00 php-fpm: pool ts-middleware-php7
www-data  1223  1215  0 Oct12 ?        00:00:00 php-fpm: pool ts-middleware-php7
www-data  1224  1215  0 Oct12 ?        00:00:00 php-fpm: pool ts-middleware-php7

so FPM master process runs by root, whilst pool itself (workers) is ran as a different (non-root) user.

So phalcon is loaded just like any other extension out there.

So who runs pdo extension? Same answer applies for phalcon.so.

Thanks. I think this is exactly the answer for my question.

Many process run as root as a PPID yet fork PID under lower privilege. I still thinks it is strange to run anything service-like as root but hey, that's what happens. I've come to understand this is because root process runs at higher privilege in the kernel and hence has noticeably more performance.

Whenever it comes to C/C++ my greatest concern is code quality, especially with memory management. The penalty for a mistake in c/c++ is high and the margin for error is wider than usual. I'm impressed with how Phalcon is constructed thus far. Just an impression, not a code review :)

What i liked in Haxe as a transpiler is also present in Zephyr. The opportunity to correct a mistake at a single point (generator), recompile and fixe.