What account does Apache start under? The most > obvious privilege is the privilege to start processes under a > different user account.
The IIS worker process starts under it's own identity - Network Service. It's a incoming request that starts this process. Who's starting processes under other user accounts? (impersonation, if configured, will do this). I'm not sure what the security hole here is. Can you explain this to me? > ** Private ** wrote: > > Can you please explain this to me: > > > >> IIS needs to be run as a privileged user, Apache doesn't. Due to > this > >> simple fact, IIS is inherently less secure. If Apache gets > compromised, > >> you get the Apache account. If IIS gets compromised, you get the > >> server. > > > > I don't know Apache at all. > > > > However, there are multiple users that "run" IIS 6.0 - or are we > > talking IIS 5.0? > > Whichever you want. > > > > Do you mean the anonymous account - IUSR_MACHINENAME > > Or the default IIS 6.0 application pool identity - NETWORK SERVICE > > Or the default IIS 5.0 COM+ Medium/High User Isolation Mode - > > IWAM_MACHINENAME > > > > I'm not quite sure what you mean by "privileged account". > > An account with privileges a normal account does not have. The most > obvious privilege is the privilege to start processes under a > different user account. > > > > How does APACHE work in this regard? > > Apache is just an executable like any other executable. It runs as > whatever you started it with whatever you gave it, and that is it. > Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:227226 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
