httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bh...@gensym.com (Ben Hyde)
Subject [PATCH] Doc the issues with selecting/setting the Window's User Account
Date Tue, 16 Jun 1998 19:51:17 GMT

The following doc updates explain the drill for what the user
must think thru when configuring the account that
Apache uses under Windows.
  - ben hyde


Index: windows.html
===================================================================
RCS file: /cvs/apache-1.3/htdocs/manual/windows.html,v
retrieving revision 1.17
diff -u -r1.17 windows.html
--- windows.html	1998/06/16 02:40:32	1.17
+++ windows.html	1998/06/16 19:47:52
@@ -49,6 +49,7 @@
   <LI><A HREF="#cmdline">Running Apache for Windows from the Command Line</A>
   <LI><A HREF="#signal">Signalling Apache when running</A>
   <LI><A HREF="#comp">Compiling Apache for Windows</A>
+  <LI><A HREF="#user">The User Running Apache for Windows</a>
 </UL>
 
 <HR>
@@ -462,6 +463,43 @@
 actual server root (for example "C:\apache").  Copy over
 the conf/magic and conf/mime.types files as well.
 
+<H2><A NAME="user">The User Running Apache for Windows</a></H2>
+
+<P>
+Generally it is best to arrange to have Apache run as a user
+with as few "rights" or privileges as possible.  That can help
+limit damage caused by a security breach.
+
+<P>
+
+If you are running Apache as a service then by default it will run as the unique
+user known as <CODE>SystemLocal</Code>, otherwise it will run as the user in
+force when you invoked it.
+
+<P>
+
+<CODE>SystemLocal</code> is uniquely powerful on the local machine, but it has
+absolutely no access to the Microsoft networking, for example it can not usually
+access UNC files beyond the local machine.  Both because it is weak, and because
+it is powerful make it a poor choice for the user running a Web Server.  You can
+change the user that any service runs as in the Services Control Panel, if you
+have the "rights" to do so.
+
+<P>
+
+Avoiding dependencies on resources outside the local machine is also a good
+idea.  Currently Window's Apache can not serve files outside the local machine
+(i.e. those whose canonical UNC names are of the form
+//SharedMachine/dir/dir2/file.ext).  A local user is preferable since the
+service manager will have to check with your site's for configuration server when
+starting up and that in turn can cause startup to hang.
+
+<P> 
+
+Obviously the user you run Apache under must have read access to the
+configuration files, write access to the logs, read access to the content being
+served, execute access to any CGI facilities, read/write access to any cache
+files, etc.
 <!--#include virtual="footer.html" -->
 </BODY>
 </HTML>
Index: mod/core.html
===================================================================
RCS file: /cvs/apache-1.3/htdocs/manual/mod/core.html,v
retrieving revision 1.125
diff -u -r1.125 core.html
--- core.html	1998/06/16 03:37:15	1.125
+++ core.html	1998/06/16 19:47:54
@@ -2857,6 +2857,10 @@
 <DD>Refers to a user by their number.
 </DL>
 
+This directive has no effect on Windows
+(see "The <A href=../windows.html#user">User</a>
+Running Apache for Windows" section in the "Using Apache with Microsoft Windows").<P>
+
 The user should have no privileges which result in it being able to access
 files which are not intended to be visible to the outside world, and
 similarly, the user should not be able to execute code which is not

Mime
View raw message