Digital and technological autonomy

Code and ideas for a distributed internet

Linkoteca. Apache 2 ITK MPM


Running Apache as a different user per site is quite useful in WordPress development and WordPress hosting.

Apache runs as www-data on Debian/Ubuntu.

However, a single shared web-server user is not convenient for a WordPress installation:

On the production server

  • Many WordPress files must be owned by the SSH/SFTP user so that changes can be uploaded and edited
  • Most WordPress files must be owned by the web server user so that WordPress can apply its own updates

apache2-mpm-itk (just mpm-itk for short; on Apache 2.4 the Debian package is libapache2-mpm-itk) is an MPM (Multi-Processing Module) for the Apache web server. mpm-itk allows you to run each of your vhosts under a separate uid and gid. In short, the scripts and configuration files for one vhost no longer have to be readable by all the other vhosts, so one site's wp-config.php (and its database credentials) is out of reach of a compromised neighbour, provided the filesystem permissions actually deny the other uids.

Quirks and warnings

Since mpm-itk has to be able to setuid(), it runs as root (although restricted with POSIX capabilities and seccomp v2 where possible) until the request is parsed and the vhost determined. This means that any code execution hole before the request is parsed will be a potential root security hole. (The most likely place is probably in mod_ssl.) This is not likely to change in the near future, as socket passing, the most likely alternative solution, is very hard to get to work properly in a number of common use cases (e.g. SSL).
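As an added example (not part of the quoted text, and not the mpm-itk project's own documentation), here is how the two points above translate into configuration: a per-vhost AssignUserID to solve the WordPress ownership problem from the list at the top, and server-wide LimitUIDRange/LimitGIDRange to bound the uids the seccomp filter mentioned in the warning will let a child setuid() to. Host names, paths, account names and the uid/gid range are hypothetical placeholders; the directives are mpm-itk's, and the range limits need an mpm-itk built with seccomp v2 support.

```apache
# Added example, not from the page or the mpm-itk project. Host names, paths,
# account names (site1, site2) and the uid/gid range are hypothetical.
#
# Prerequisites on Debian/Ubuntu with Apache 2.4:
#   apt install libapache2-mpm-itk && a2enmod mpm_itk
# mpm-itk sits on top of prefork, so mpm_prefork stays enabled.

# ---- Server-wide: bound what a child may setuid()/setgid() to -------------
# With these set, mpm-itk installs a seccomp v2 filter that refuses setuid()
# and setgid() outside the range, so no vhost can be switched to root (0) or
# to a system account. This does NOT shrink the pre-parse root window the
# warning above describes; it only limits where a child can land afterwards.
# The accounts used in AssignUserID below must fall inside this range.
<IfModule mpm_itk_module>
    LimitUIDRange 1000 1999
    LimitGIDRange 1000 1999
</IfModule>

# ---- Per site: one Unix account both for SFTP uploads and for serving -----
# Because requests for this vhost run as site1, the SFTP user and the
# "web server user" that WordPress needs for self-updates are the same
# account: no shared www-data ownership and no group/world-writable trees.
# Filesystem side (shell, run once as root; site2 gets the same treatment):
#   chown -R site1:site1 /var/www/site1
#   chmod 750 /var/www/site1
# The 750 is what makes the isolation real: site2's children are a different
# uid and gid and so cannot read site1's wp-config.php.
<VirtualHost *:80>
    ServerName site1.example.org
    DocumentRoot /var/www/site1/public_html

    <IfModule mpm_itk_module>
        # user group
        AssignUserID site1 site1
        # Optional per-vhost limits: cap children for this site and lower
        # its CPU priority so one busy tenant cannot starve the others.
        MaxClientsVHost 30
        NiceValue 5
    </IfModule>

    <Directory /var/www/site1/public_html>
        Options -Indexes
        # WordPress permalinks rely on .htaccess rewrite rules
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/site1-error.log
    CustomLog ${APACHE_LOG_DIR}/site1-access.log combined
</VirtualHost>

<VirtualHost *:80>
    ServerName site2.example.org
    DocumentRoot /var/www/site2/public_html

    <IfModule mpm_itk_module>
        AssignUserID site2 site2
    </IfModule>

    <Directory /var/www/site2/public_html>
        Options -Indexes
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/site2-error.log
    CustomLog ${APACHE_LOG_DIR}/site2-access.log combined
</VirtualHost>
```

Check the syntax with apache2ctl -t before reloading. To confirm the switch actually happens, drop a one-line PHP file into each DocumentRoot that prints posix_geteuid() (not get_current_user(), which reports the script file's owner rather than the running uid) and compare it with the site account's uid; while a request for site1 is in flight, ps shows that child running as site1. Note that the warning above still holds in full: the parent and the children stay root (with reduced capabilities) until the vhost is known, and nothing in the configuration changes that. If that window is unacceptable, the usual alternative is a non-root Apache or nginx with one php-fpm pool per site, which gives the same per-site uid separation for PHP without a root-running web server.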

The lack of socket passing also leads to another minor quirk: if you connect to httpd, make a request, and then make a second request on the same keep-alive connection that gets handled by a different uid, mpm-itk simply shuts down the connection. This is perfectly legal according to RFC 2616 section 8.1.4, and all major clients seem to handle it well; the web server simply simulates a timeout, and the client opens a new connection and retries the request. However, there is a small performance hit, so you should avoid including content from multiple uids in the same page.

Note that mpm-itk is nowhere near as well tested as, say, prefork. That being said, it is being run in production at several sites in the world, both hobbyist and commercial, some as large as ~10 million hits a day.