httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 52612] New: Default Service Account
Date Mon, 06 Feb 2012 21:58:38 GMT

             Bug #: 52612
           Summary: Default Service Account
           Product: Apache httpd-2
           Version: 2.2.22
          Platform: PC
        OS/Version: Windows Server 2003
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Win32 MSI Installer
    Classification: Unclassified

When installing Apache as a service, the installer currently configures the
service to run under the LocalSystem account. This account has extensive
privileges on the local system and acts as the computer on the network.

Would it not make more sense to run the Apache service under the LocalService
account? This account has the same level of access to resources and objects as
members of the Users group. This limited access helps safeguard the system if
individual services or processes are compromised. Services that run as the
Local Service account access network resources as a null session without

Installing under the LocalService account and setting file and folder
permissions to read/execute at the top of the Apache folder tree, with
read/write/execute at the log folder seems to work fine.




Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message