From Peter Crowther <peter.crowt...@melandra.com>
Subject Re: How to change effective user id on Windows
Date Thu, 07 Jan 2010 15:00:00 GMT
2010/1/7 Looijmans, Mike <mike.looijmans@oce.com>:
> The current configuration is correct in terms of security - the 'SYSTEM'
> user is a limited account that has no access to the desktop nor shared
> network resources.

Sorry to pick you up on this one, Mike, but I think you're thinking of
Local*Service*, not Local*System*.  LocalSystem has full
administrative access to the local computer, including (for example)
being able to write a rogue DLL to a spare directory, then amend the
registry so that that DLL is loaded by every process that runs on the
machine from this point onwards.  Or create a new local account that
*does* have desktop access and spawn a process running as that user.
If you can compromise LocalSystem, you've got the machine.

Windows' LocalSystem is very, very close to Unix's root.  If you want
a non-privileged account, use LocalService not LocalSystem.  See, for
example, http://blogs.msdn.com/jmanning/archive/2008/04/06/localsystem-root-localservice-nobody.aspx

- Peter
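An added example, not from Peter's message or the Tomcat project: an elevated PowerShell session that audits which Windows services log on as LocalSystem and moves a Tomcat service to LocalService, the change Peter recommends. The service name 'Tomcat6' and the install path are assumed placeholders.

```powershell
# Added example (not from the thread). Assumptions: service name 'Tomcat6'
# and the CATALINA_BASE path below are placeholders; run as an administrator.

$ServiceName  = 'Tomcat6'                                                   # assumed
$CatalinaBase = 'C:\Program Files\Apache Software Foundation\Tomcat 6.0'    # assumed

# 1. Audit: list every service whose logon account is LocalSystem.
#    Win32_Service.StartName reports 'LocalSystem' for that account.
Get-CimInstance Win32_Service |
    Where-Object { $_.StartName -eq 'LocalSystem' } |
    Select-Object Name, State, StartName, PathName |
    Format-Table -AutoSize

# 2. Record the account the Tomcat service currently runs under.
$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
"Before: $($svc.Name) runs as '$($svc.StartName)'"

# 3. LocalService still has to write logs, temp and work files, so grant
#    Modify on those directories only, not on the whole install tree.
#    (OI)(CI) makes the grant inherit to files and subfolders.
foreach ($dir in 'logs', 'temp', 'work') {
    icacls (Join-Path $CatalinaBase $dir) /grant 'NT AUTHORITY\LocalService:(OI)(CI)M'
}

# 4. Switch the logon account. sc.exe needs the space after 'obj='; the
#    built-in LocalService account takes no password.
sc.exe config $ServiceName obj= 'NT AUTHORITY\LocalService'

# 5. Restart and confirm the account now reads 'NT AUTHORITY\LocalService'.
Restart-Service -Name $ServiceName
$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
"After: $($svc.Name) runs as '$($svc.StartName)'"
```

If Tomcat must bind port 80 or 443 or read a keystore elsewhere on disk, those resources need their own explicit grants to LocalService; check the logs after the restart for access-denied errors.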
