I tried to run the server under a limited user account which does not have access to any of the file system except its root directory (E:\usr\local\Apache2). The server is installed as a service. When I run it I see the error and this message in the system event log:

httpd.exe: Could not open configuration file bin/conf/httpd.conf: path not found

The conf file is located in the /conf subdirectory of the server root directory. Winternals FileMon shows that httpd.exe tried to open D:\WINDOWS\System32\bin\conf\httpd.cfg only, without searching in other directories from the Path environment variable, only in the first, with 'bin'.

Okay, I put the key -d "E:\usr\local\Apache2" into the command line of the service execution. After this Apache found the httpd.conf file but does not start. The EventLog now has another error:

httpd.exe: Syntax error on line 4 of E:\\usr\\local\\Apache2/conf/httpd.conf: ServerRoot must be a valid directory

In line 4 I have this string: 'ServerRoot "E:/usr/local/Apache2"'. Then I tried to comment it out but had the same error in another line. And this error continues with all paths in the config.

BUT! If I run the service under the system account, I have no errors, without changing anything. All works fine. The limited user account has full access to the E:/usr/local/Apache2 directory.
Interesting; this bug should not be closed until we determine why exactly the -d argument was required in your specific case if you had a valid -f.

That said... "The limited user account has full access to the E:/usr/local/Apache2 directory."

In order to prevent directory and configuration paths from being confused and ignored, Apache will FindFile to obtain the 'true' directory name all the way from the root drive letter, up to the path. This means your limited user acct MUST have permission to list files and get the directory permissions info in e:\, e:\usr, e:\usr\local, e:\usr\local\apache2. That is, every directory that your configuration implies.

It doesn't need read access to the actual files in those higher-level dirs, just what unix would call '555' access. On windows, this is "Read and Execute" a la Traverse Folder, List Folder, Read Attribs, Read Extended Attribs, and Read Permissions.

Keep us informed of your progress! Keep us informed of your efforts.
Is it required to list up-level directories? Why can the server not "live" only in its directory? Why not only check that the given path exists, without listing the parent directories?
You were right. I permitted the apache user to list directories and the server started successfully. But I do not want to permit apache to look anywhere except its root directory. I am a programmer, and I do not see any reason to list parent directories.

>> why exactly the -d argument was required in your specific case if you had a
>> valid -f

The apache service runs with this command:

"E:\usr\local\Apache2\bin\httpd.exe" -k runservice

In my first post I wrote that Apache can not find its config. Then I modified this command to

"E:\usr\local\Apache2\bin\httpd.exe" -k runservice -d "E:\usr\local\Apache2"

And Apache found its config. So, I think this is a bug, but from a few another case.
"Is it required to list up-level directories? Why can the server not "live" only in its directory? Why not only check that the given path exists, without listing the parent directories?"

Because Apache cannot be permitted to confuse e:\Apache2Server with e:\Apache~1 or the HOST of various conflicts which can occur because windows chooses to be CASE INSENSITIVE, but more so because it's also NOT CANONICAL. The file path "e:\Apache2Server\" is equivalent to "e:\Apache2Server.", for example.

Therefore we **INSIST** on canonicalizing the path. If we have nothing but list access to see dir FOO exists, this isn't a security problem. If we accept both e:\Apache~1\ and e:\Apache2Server as two different names, there IS A HUGE security problem.

Marked as invalid. Parent directories must be list/traverse accessible to differentiate them on Win32.
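The point of the comment above, as an added example that is neither Apache's code nor part of the original thread: a simplified Python model of canonicalizing a path by listing each parent directory, showing why aliases collapse to one name and why the walk fails without list access on the parents. The directory tree, the 8.3 short names and all function names are constructed for illustration.

```python
# Constructed model of a volume: directory -> {long name: 8.3 short name}.
# All names are sample data, not taken from a real system.
TREE = {
    "E:\\": {"usr": "USR", "Apache2Server": "APACHE~1"},
    "E:\\usr": {"local": "LOCAL"},
    "E:\\usr\\local": {"Apache2": "APACHE2"},
    "E:\\usr\\local\\Apache2": {"conf": "CONF", "bin": "BIN"},
    "E:\\Apache2Server": {},
}

def list_dir(directory, listable):
    """Hypothetical stand-in for a FindFile-style lookup; needs list rights."""
    if directory not in listable:
        raise PermissionError(f"cannot list {directory}")
    return TREE[directory]

def canonicalize(path, listable):
    """Resolve each component to its true on-disk name, from the drive root down."""
    drive, _, rest = path.replace("/", "\\").partition("\\")
    current = drive.upper() + "\\"
    for part in filter(None, rest.split("\\")):
        wanted = part.rstrip(". ").lower()      # Win32 drops trailing dots/spaces
        entries = list_dir(current, listable)   # list access on the PARENT
        for long_name, short_name in entries.items():
            if wanted in (long_name.lower(), short_name.lower()):
                current = current.rstrip("\\") + "\\" + long_name
                break
        else:
            raise FileNotFoundError(path)
    return current

def is_valid_server_root(path, listable):
    """True only if every component can be resolved to its canonical name."""
    try:
        canonicalize(path, listable)
        return True
    except (PermissionError, FileNotFoundError):
        return False

EVERYTHING = set(TREE)                          # account may list every directory
ONLY_SERVER_ROOT = {"E:\\usr\\local\\Apache2"}  # account confined to the server root
PARENTS_ONLY = {"E:\\", "E:\\usr", "E:\\usr\\local"}

if __name__ == "__main__":
    for alias in ("e:\\Apache~1\\", "E:/APACHE2SERVER.", "e:\\apache2server"):
        print(alias, "->", canonicalize(alias, EVERYTHING))
    print(is_valid_server_root("E:/usr/local/Apache2", ONLY_SERVER_ROOT))
```

In this model, list access on the parent directories alone is enough to resolve the server root; read access to files in those directories is never requested.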
(In reply to comment #4)
> Because Apache cannot be permitted to confuse e:\Apache2Server with e:\Apache~1
> or the HOST of various conflicts which can occur because windows chooses to be
> CASE INSENSITIVE, but more so because it's also NOT CANONICAL. The file path
> "e:\Apache2Server\" is equivalent to "e:\Apache2Server.", for example.
>
> Therefore we **INSIST** on canonicalizing the path. If we have nothing but list
> access to see dir FOO exists, this isn't a security problem. If we accept both
> e:\Apache~1\ and e:\Apache2Server as two different names, there IS A HUGE
> security problem.
>
> Marked as invalid. Parent directories must be list/traverse accessible to
> differentiate them on Win32.

Is this statement true for both, windows and unix? Or for windows only? Thanks.