From: William A. Rowe Jr Date: Fri, 16 Jan 2009 18:58:47 +0000 (+0000) Subject: this security API needs some loving, a warning at least for SYSTEM/LocalSystem X-Git-Tag: 2.3.2~156 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f043cfd4372ec0f399804c48da9d0520297b6ff6;p=thirdparty%2Fapache%2Fhttpd.git this security API needs some loving, a warning at least for SYSTEM/LocalSystem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@735087 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/server/mpm/winnt/mpm_winnt.c b/server/mpm/winnt/mpm_winnt.c index b2c722ee7dc..45ac052b837 100644 --- a/server/mpm/winnt/mpm_winnt.c +++ b/server/mpm/winnt/mpm_winnt.c @@ -1325,6 +1325,12 @@ static int winnt_pre_config(apr_pool_t *pconf_, apr_pool_t *plog, apr_pool_t *pt ap_exists_config_define("DEBUG")) one_process = -1; + /* XXX: presume proper privilages; one nice thing would be + * a loud emit if running as "LocalSystem"/"SYSTEM" to indicate + * they should change to a user with write access to logs/ alone. + */ + ap_sys_privileges_handlers(1); + if (!strcasecmp(signal_arg, "runservice") && (service_to_start_success != APR_SUCCESS)) { ap_log_error(APLOG_MARK,APLOG_CRIT, service_to_start_success, NULL,