administrator at leebrown.org
Tue Jan 17 07:22:10 EST 2006
Greetings! Right-click on your python installation directory and select "sharing and security." Click on the "security" tab." (If you don't see a "security" tab, you need to disable "simple file sharing.") Make sure that user SYSTEM is listed in the top box and make sure that user SYSTEM has "full control" selected in the bottom box. Otherwise, user SYSTEM has no authority to execute python. Windows XP has gotten a bad rap for being insecure, but it in fact has a good suite of security features that most people simply are unaware of or simply do not use. The NTFS file system has very fined-grained, unix-like control over user/group permissions, but most XP users don't take advantage of it. Using administrator-level accounts all the time is also a very bad idea - it is just like running everything as "root" on a unix box. If you are going to be using this computer as a web server accessible to the outside world, please believe me that you're going to need to know how to use these features and more. While securing an XP box for the web is beyond the scope of this mailing list, please consider doing the following: 1 - Read up on XP system administration and security. There are several good books on the subject - contact me off-line if you need a recommendation. 2 - Get yourself behind a hardware firewall. 3 - Establish specific users/groups for your web services and give these identities very specific access to only those things they need in order to run. 4 - Harden your Apache server against attack. I very highly recommend mod_security (http://www.modsecurity.org) Best Regards, Lee E. Brown (administrator at leebrown.org) -----Original Message----- From: mod_python-bounces at modpython.org [mailto:mod_python-bounces at modpython.org] On Behalf Of Dan Eloff Sent: Monday, January 16, 2006 1:15 PM To: mod_python at modpython.org Subject: Re: [mod_python] Can't seem to get mod_python working, please help me Ok apache is running with SYSTEM credentials, the same as a bunch of other services I recognize in there, including MySQL. Python is running as Wiley Coyote (my username.) Does that tell us anything?