httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: what user does Apache run as under NT?
Date Sun, 14 Dec 1997 22:14:25 GMT
Marc Slemko wrote:
> 
> Anyone?  Forgive me for not knowing NT.

Now you are asking. I tend to view NT as such a hopeless mess of
security holes that it isn't really worth considering which user it is
running as. But, the bottom line, I think, is that when you run it from
the command line, it runs as you. When you run it as a service, it runs
as, ummm, yes, well, probably Administrator, but maybe as some special
user.

We could change this behaviour. But when you see the hoops you have to
jump through to do something as simple as making a pipe created in a
service openable by a user process (I pick on this example because I've
actually done it, and it was hard), you might care to reconsider.

NT's security is baroque, and the question of "which user" isn't nearly
as meaningful as it is under Unix. You have to start thinking in terms
of ACLs, not users, I fear.

Why do you ask?

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd,     |http://www.algroup.co.uk/Apache-SSL
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache

Mime
View raw message