Refer to; http://httpd.apache.org/docs-2.0/platform/windows.html#winsvc
Most of the time, LocalSystem will only allow a compromise of the specific box. It has no authority to the network. Incidentally, this means that web servers attempting to access network resources cannot use the 'default' installation. On a bigger-picture scale, I'll look at moving the 'run as user' docs up front on that platform page, and perhaps modifying the installer to prompt for a 'user to run as'. The ASF installers never create (nor should they create) arbitrary accounts, but it would be reasonable to remind users (by choosing which account to use) that they should take steps to lock down the scope of the Apache service. Bill At 04:06 PM 2/4/2005, Luis Fco wrote: >Thanks Bill > >Already done that, and solved all my problems. >So, anyone using Apache/mod_aspnet, must start the Apache service whith a >user other then the SYSTEM?. > >Thanks for your support. > >Luis > > >> -----Original Message----- >> From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED] >> Sent: Friday, February 04, 2005 3:08 PM >> To: [EMAIL PROTECTED] >> Subject: Re: [cli-users] How to set permissions? IIS uses >> ASPNET_WP account, what account uses mod_aspnet? >> >> >> Luis, >> >> I believe you should be able to go to the Control Panel, >> Admin Tools, Services, and change the Apache2 service's >> Properties to 'Log On' as the .\ASPNET user. The problem, >> of course, is the password. I don't know what side effects >> would occur from your modifying this account. >> >> You might want to create a specific APACHE user account >> instead, granting the appropriate access to resources. >> >> Bill >> >> At 02:37 PM 2/4/2005, you wrote: >> >Hi >> > >> >In IIS I must set the permissions to the ASPNET_WP account. What >> >account uses mod_aspnet? I had a problem that I resolved by >> running the >> >Apache http windows service with an administrator account. >> Am I doing the right thing? Because I'm not sure if it is the >> best thing that Apache/mod_aspnet has full administrator privileges. >> > >> >Thanks >> > >> >Luis >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
