On 4 Jul 2004 at 15:47, Magnus Hagander wrote:
>
> This has nothing to do with possible attack vectors using SQL injection,
> for example. The admin starts the service. The SQL injection comes in
> though the webserver at a later time (and hey, if you don't even allow
> that one to connect to your server, then don't bother running it).
> Now sure, this is a bug in the web application, but there are thousands
> of webapps out tehre with just this kind of bug. And by not allowing the
> server to run as admin, we help the admins decrease the surface that
> this kind of attack can actually hit.
>
OK, I'll concede that one. I'd forgotten about web apps running on the same PC as the
DB.
> The one argument I buy is the one for making it easier for developers. I
> guess one way would be a commandline option that permits it to run as
> admin. In doing this, it should also *FORCE* connections to permit
> 127.0.0.1 only, and emit a screenful of warnings about how bad this is.
> But sure, in a developers VM or otherwise secured machine, it's not a
> major issue.
>
I think this is all the Win32 users are asking for, but given the above argument about
web apps it would still represent a small risk.
Thanks,
Gary.