When Inherit user security is set to yes, the ASP Server runs with the permissions of the Apache Web Server or the virtual host defined in the Apache Web Server httpd.conf file. This is the default security mode for Chili!Soft ASP. However, if you are running a Netscape or Zeus Web server, be sure to read the security note that follows.
When Inherit user security is set to no, the ASP Server runs as root, unless a different user or group is specified in the Chili!Soft ASP configuration file, casp.cnfg. This can create a security risk for your server. If you change Inherit user security to no, be sure to specify a user or group in casp.cnfg, as described in "Editing the Chili!Soft Configuration File" in Chapter 3: Managing Chili!Soft ASP."
Important Security Note about Netscape and Zeus Web Servers
Netscape and Zeus Web servers do not support Inherit user security mode, even when it is configured in the Administration Console. To protect the security of your server, when running Chili!Soft ASP with these Web servers, you should take the following steps:
- Set Inherit user security to no in the Administration Console.
- Specify a user or group in the casp.cnfg file, as described in "Editing the Chili!Soft Configuration File" in "Chapter 3: Managing Chili!Soft ASP." The ASP Server then runs with the permissions of that user or group.
See also:
Setting the Security Mode in "Chapter 3: Managing Chili!Soft ASP"
Changing ASP Server Settings in "Chapter 3: Managing Chili!Soft ASP"
Securing the Server in "Chapter 3: Managing Chili!Soft ASP"
Copyright 2001 Sun Microsystems, Inc. All rights reserved. Legal Notice.