Posted to dev@httpd.apache.org by Ben Hyde <bh...@gensym.com> on 1998/06/16 23:12:27 UTC

[PATCH] Take 2: Doc the issues with selecting/setting the Window's User Account

Take 2: converts / to \ in UNC example (thanks DDA).

The following doc updates explain the drill for what the user
must think thru when configuring the account that
Apache uses under Windows.
  - ben hyde


Index: windows.html
===================================================================
RCS file: /cvs/apache-1.3/htdocs/manual/windows.html,v
retrieving revision 1.17
diff -u -r1.17 windows.html
--- windows.html	1998/06/16 02:40:32	1.17
+++ windows.html	1998/06/16 19:47:52
@@ -49,6 +49,7 @@
   <LI><A HREF="#cmdline">Running Apache for Windows from the Command Line</A>
   <LI><A HREF="#signal">Signalling Apache when running</A>
   <LI><A HREF="#comp">Compiling Apache for Windows</A>
+  <LI><A HREF="#user">The User Running Apache for Windows</a>
 </UL>
 
 <HR>
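Review bot: the new list item closes its anchor with a lowercase `</a>` while every other entry in this list uses `</A>`; change it to `<LI><A HREF="#user">The User Running Apache for Windows</A>` so the file stays consistent.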
@@ -462,6 +463,43 @@
 actual server root (for example "C:\apache").  Copy over
 the conf/magic and conf/mime.types files as well.
 
+<H2><A NAME="user">The User Running Apache for Windows</a></H2>
+
+<P>
+Generally it is best to arrange to have Apache run as a user
+with as few "rights" or privileges as possible.  That can help
+limit damage caused by a security breach.
+
+<P>
+
+If you are running Apache as a service then by default it will run as the unique
+user known as <CODE>SystemLocal</Code>, otherwise it will run as the user in
+force when you invoked it.
+
+<P>
+
+<CODE>SystemLocal</code> is uniquely powerful on the local machine, but it has
+absolutely no access to the Microsoft networking, for example it can not usually
+access UNC files beyond the local machine.  Both because it is weak, and because
+it is powerful make it a poor choice for the user running a Web Server.  You can
+change the user that any service runs as in the Services Control Panel, if you
+have the "rights" to do so.
+
+<P>
+
+Avoiding dependencies on resources outside the local machine is also a good
+idea.  Currently Window's Apache can not serve files outside the local machine
+(i.e. those whose canonical UNC names are of the form
+\\SharedMachine\dir\dir2\file.ext).  A local user is preferable since the
+service manager will have to check with your site's for configuration server when
+starting up and that in turn can cause startup to hang.
+
+<P> 
+
+Obviously the user you run Apache under must have read access to the
+configuration files, write access to the logs, read access to the content being
+served, execute access to any CGI facilities, read/write access to any cache
+files, etc.
 <!--#include virtual="footer.html" -->
 </BODY>
 </HTML>
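Review bot: the account name is wrong in both places it appears (`<CODE>SystemLocal</Code>` and `<CODE>SystemLocal</code>`): the built-in account that a service runs under by default is `LocalSystem`, and readers will be looking for that name in the Services Control Panel when they follow the advice to change it. Two sentences in the same hunk also need rewording: "Both because it is weak, and because it is powerful make it a poor choice" has no subject (suggest "Its combination of excessive local power and no network access makes it a poor choice for the account running a Web server"), and "the service manager will have to check with your site's for configuration server when starting up" is garbled, presumably meaning that for a non-local account the service manager must contact a server outside the local machine at startup, which is what can hang. "Window's Apache" should read "Apache on Windows NT", as the reply points out, and the closing tags `</Code>`, `</code>` and `</a>` should be uppercase like the rest of the file. The least-privilege rationale in the first paragraph is sound; it would read even better if the last paragraph were tied back to it by saying the account's rights should be limited to exactly that list (config read, log write, content read, CGI execute, cache read/write) and nothing more.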
Index: mod/core.html
===================================================================
RCS file: /cvs/apache-1.3/htdocs/manual/mod/core.html,v
retrieving revision 1.125
diff -u -r1.125 core.html
--- core.html	1998/06/16 03:37:15	1.125
+++ core.html	1998/06/16 19:47:54
@@ -2857,6 +2857,10 @@
 <DD>Refers to a user by their number.
 </DL>
 
+This directive has no effect on Windows
+(see "The <A href=../windows.html#user">User</a>
+Running Apache for Windows" section in the "Using Apache with Microsoft Windows").<P>
+
 The user should have no privileges which result in it being able to access
 files which are not intended to be visible to the outside world, and
 similarly, the user should not be able to execute code which is not
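Review bot: the attribute value in `<A href=../windows.html#user>` is unquoted and contains `/` and `#`; write it as `<A HREF="../windows.html#user">` with the value quoted and `HREF`/`</A>` in uppercase to match the surrounding file. The sentence is also missing its final noun: "in the "Using Apache with Microsoft Windows"" should end with "document" (or "page"). Wrapping only the word "User" in the link makes a single word clickable out of a five-word title; linking the whole title ("The User Running Apache for Windows") is clearer. Since the directive is ignored on Windows, it would also help to say in one clause what determines the account there instead (the service's logon account, or the invoking user when run from the command line), which is what the linked section explains.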

Re: [PATCH] Take 2: Doc the issues with selecting/setting the Window's User Account

Posted by Brian Behlendorf <br...@hyperreal.org>.
At 05:12 PM 6/16/98 -0400, Ben Hyde wrote:
>Take 2: converts / to \ in UNC example (thanks DDA).
>
>The following doc updates explain the drill for what the user
>must think thru when configuring the account that
>Apache uses under Windows.
>  - ben hyde
>

Looks good... there's a typo ("Apache on Windows NT", not "Window's
Apache"), but other than that I'd commit it, though it seems like you'll be
working on windows.html some more.  Should I commit this now or wait for
more edits and commit in bulk?

	Brian


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
pure chewing satisfaction                                  brian@apache.org
                                                        brian@hyperreal.org