To:  Scott Hurring
You probably could have just changed the security restriction on the
dll in question.. the problem was likely that winamp was running in a
separate desktop space from the user apache was running as.. so either
you would have to create a wrapper service, or pretty much do what you
did...

can't say for apache.. but in iis, you could have created a separate
application folder for the php that needed to access winamp, and without
any extra extensions beyond php, should not have issues...

Personally, I am one to REMOVE anything not being used.. in iis, I will
remove unused asp extensions for php projects, and vice-versa.. this
helps limit exposure...

Code Red was averted on all the servers I had set up, because the
extensions and folders that were suspect weren't in there the way I
had things set up.  Don't get me wrong, I like apache okay, just know
IIS better, and have worked with it longer... the php projects I have
been working on lately are deployed on apache/linux, but they are run
by another admin...

--
=======================================================================
Michael J. Ryan  -  tracker1[*at*]theroughnecks.com
Roughneck BBS: http://www.theroughnecks.net  telnet://theroughnecks.net
=======================================================================
Y!: aztracker1 - aim: azTracker1 - icq: 4935386 - msn: see email
One program for aim/icq/yahoo/msn/irc  -  http://www.trillian.cc/


"Scott Hurring" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> You're entirely correct -- IF it was an internet
> accessible webserver.
>
> It's installed locally on my workstation solely for
> local development.  It's got a pretty nice corporate
> firewall and "httpd.conf" restrictions set up to deny
> access to everyone 'cept me.  Of course, firewalls
> and corporate LAN's can be hacked, but i figure that
> if someone's good/determined enough to hack into this
> particular LAN, apache security flaws are the least
> of my worries.  :-)
>
> But basically, i did that because i'm not too fluent
> with the bizarre system of Win2k permissions and
> system accounts...
>
> ---
> Scott Hurring
> Systems Programmer
> EAC Corporation
> [EMAIL PROTECTED]
> Voice: 201-462-2149
> Fax: 201-288-1515
>
> > -----Original Message-----
> > From: Neil Smith [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, July 09, 2002 7:56 AM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: run as
> >
> >
> > At 09:15 09/07/2002 +0000, you wrote:
> > >Message-ID: <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >From: "Scott Hurring" <[EMAIL PROTECTED]>
> > >Date: Mon, 8 Jul 2002 17:36:52 -0400
> > >Subject: Re: WinampCOM problem
> > >
> > >What user is your Server running as?
> >
> > Whoa! This is a really, really *bad* idea - you have given the web
> > server access to all the files which are owned by you as far as I can
> > tell, and have introduced a major security hole. A web server should
> > *always* run as its own (low-privilege) user, and be given limited
> > access to specific files by adjusting the permissions on the file &
> > directory on a case by case basis, not the other way around.
> >
> > Please tell me the address of your webserver, I wanna hack it ;-)
> > (Actually you don't need to - somebody will probably beat me to it!)
> >
> > Cheers,
> > Neil Smith.
> >
> > >For me, when i setup apache on my Win2k machine, i
> > >had to "RunAs" my personal "scott" account, rather than
> > >the system account, or else apache wouldn't be able to
> > >read certain "scott-only" files.... perhaps the user that
> > >apache is running as doesn't have permission to do
> > >COM stuff.... but i really don't know for sure.
> > >
> > >--
> > >Scott Hurring
> > >Systems Programmer
> > >EAC Corporation
> > >scott (*) eac.com
> > >--
> > >"Olivier Hubert" <[EMAIL PROTECTED]> wrote in message
> >
> --- Synchronet NewsLink v1.00 Beta
>
--- Synchronet NewsLink v1.00 Beta
 *  Roughneck BBS - www.theroughnecks.net - telnet://theroughnecks.net

-- 
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
