This patch sets the calls to OpenSCManager and OpenService to use the minimum required privileges.
Index: service.c =================================================================== RCS file: /home/cvspublic/httpd-2.0/server/mpm/winnt/service.c,v retrieving revision 1.56 diff -u -3 -r1.56 service.c --- service.c 2 Jul 2002 19:03:15 -0000 1.56 +++ service.c 9 Jul 2002 18:02:38 -0000 @@ -483,10 +483,10 @@ if ((osver.dwPlatformId == VER_PLATFORM_WIN32_NT) && (osver.dwMajorVersion > 4) && (ChangeServiceConfig2) - && (schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS))) + && (schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CONNECT))) { SC_HANDLE schService = OpenService(schSCManager, mpm_service_name, - SERVICE_ALL_ACCESS); + SERVICE_CHANGE_CONFIG); if (schService) { /* Cast is necessary, ChangeServiceConfig2 handles multiple * object types, some volatile, some not. @@ -854,10 +854,9 @@ { SC_HANDLE schService; SC_HANDLE schSCManager; - - // TODO: Determine the minimum permissions required for security + schSCManager = OpenSCManager(NULL, NULL, /* local, default database */ - SC_MANAGER_ALL_ACCESS); + SC_MANAGER_CREATE_SERVICE); if (!schSCManager) { rv = apr_get_os_error(); ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, @@ -870,7 +869,7 @@ if (reconfig) { /* ###: utf-ize */ schService = OpenService(schSCManager, mpm_service_name, - SERVICE_ALL_ACCESS); + SERVICE_CHANGE_CONFIG); if (!schService) { ap_log_error(APLOG_MARK, APLOG_ERR|APLOG_ERR, apr_get_os_error(), NULL, @@ -1008,9 +1007,8 @@ fprintf(stderr,"Removing the %s service\n", mpm_display_name); - // TODO: Determine the minimum permissions required for security schSCManager = OpenSCManager(NULL, NULL, /* local, default database */ - SC_MANAGER_ALL_ACCESS); + SC_MANAGER_CONNECT); if (!schSCManager) { rv = apr_get_os_error(); ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, @@ -1019,7 +1017,7 @@ } /* ###: utf-ize */ - schService = OpenService(schSCManager, mpm_service_name, SERVICE_ALL_ACCESS); + schService = OpenService(schSCManager, mpm_service_name, DELETE); if (!schService) { rv = apr_get_os_error(); @@ -1123,9 +1121,8 @@ SC_HANDLE schService; SC_HANDLE schSCManager; - // TODO: Determine the minimum permissions required for security schSCManager = OpenSCManager(NULL, NULL, /* local, default database */ - SC_MANAGER_ALL_ACCESS); + SC_MANAGER_CONNECT); if (!schSCManager) { rv = apr_get_os_error(); ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, rv, NULL, @@ -1265,7 +1262,7 @@ SC_HANDLE schSCManager; schSCManager = OpenSCManager(NULL, NULL, // default machine & database - SC_MANAGER_ALL_ACCESS); + SC_MANAGER_CONNECT); if (!schSCManager) { ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_STARTUP, apr_get_os_error(), NULL, @@ -1275,7 +1272,8 @@ /* ###: utf-ize */ schService = OpenService(schSCManager, mpm_service_name, - SERVICE_ALL_ACCESS); + SERVICE_INTERROGATE | SERVICE_QUERY_STATUS | + SERVICE_START | SERVICE_STOP); if (schService == NULL) { /* Could not open the service */