> As for Local System, most important services on win32 log on
> as Local System by default. Apache, mysql, etc. (I think,
> even SQL server) are all configured to run this way, mostly
> because it causes less hassles for the typical win32 user.
> Of course, you can lock everything down after installation.
> Assumptions are just fundamentally different on win32.
Actually, MS SQL recommends you do *not* use Local System, for security
reasons. So do all other Microsoft products that have shipped recently,
AFAIK. Even IIS 6 doesn't run as Local System all the time anymore.
This is the reason why Windows Server 2003 has introduced LOCAL SERVICE
and NETWORK SERVICE which are used for low privilege servers that do not
have their own accounts. They could be used, but then you are locking
yourslef to 2003, which is not good.
NO service that does not ABSOLUTELY NEED Local System should *EVER* run
as Local System. One reason there are lots of security holes is far too
many breaks this assumption. You should *always* run with least required
privilege, and that is not Local System. If you need only local access,
use a local account. If you need to map drives or access SMB resources
outside the local machine, use a domain account with just the
appropriate privileges.
Just because others do it wrong doesn't mean postgresql should. If you
won't run as root on unix, don't do it on Windows. At least don't
*require* it. And if started as local system, at least log a warning
that this really is not a very good idea.
It is only slightly less of a hassle. Instead pre-package with
installation program or a simple tool that will create a local account
and assign it Login As Service permissions. You're sure to nede to run
as an administrator to install it anwyay (otherwise, you can't add the
service to the SCM), so no extra privs needed there.
> > Is there a decision on which platforms should be supported,
> other than
> > it's NT4+?
>
> Personally, I could care less if 95, 98, or ME are supported,
> and neither will the vast majority of win32 IT folks. IIRC,
> NT4 supports everything we need. I wouldn't worry about it
> too much.
Yeah, I'd say ignore the 9x line as well - it just lacks too much. The
question is if NT4 needs to be supported, or if you can put the bar at
Windows 2000. IMHO, NT4 should be supported if possible since there are
still a *lot* of NT4 installations out there, but that's just me...
//Magnus