Accessing windows net from erlsrv

Twan van der Schoot twanvds@REDACTED
Fri Jul 25 03:50:19 CEST 2003


I'm afraid that it is even worse.  Most services run under the local SYSTEM
account which is has even more privileges than the standard (local)
Administrator account.

Eventhough one can trust Erlang stuff to a large extend, the fact that it
has connections with the outside world makes it a possible security loophole
if you let erlsrv run as a service under the SYSTEM account.

Please do use a special user.

Note, Even Microsoft (implicity) suggests that you should run MS SQL Server
and MS MQ under special user accounts rather than using SYSTEM.

regard

	Twan



> -----Original Message-----
> From: owner-erlang-questions@REDACTED
> [mailto:owner-erlang-questions@REDACTED]On Behalf Of Serge Aleynikov
> Sent: woensdag 23 juli 2003 15:07
> To: Erlang Questions
> Cc: Rudolph van Graan; Erlang Questions
> Subject: Re: Accessing windows net from erlsrv
>
>
> Rudolph is correct, but I'd like to add that unless the a windows
> service is running under an account that has network access, UNC paths
> wouldn't likely be accessible from your app.
>
> Configure erlsrv to run under some specific account other than local
> admin, and try the UNC approach.
>
> Serge
>
> Rudolph van Graan wrote:
> > Hi,
> >
> > My guess at the reason for this is that erlsrv is running as
> the windows
> > system account [unless setup otherwise]. This account would IMO not by
> > default have access to mapped folders [Which are only visible
> if you are
> > physically logged on as the interactive user]. Specify the path
> > differently, probably using UNC path names. I cannot remember how to do
> > this with netware, but on windows you would do something like:
> >
> > file:open("//some_server.some_domain/some_share/some_file",[write]).
> >
> > Rgds,
> >
> > R
> >
> >     -----Original Message-----
> >     From: Erlang Questions [mailto:erlang@REDACTED]
> >     Sent: 22 July 2003 09:18 PM
> >     To: Erlang Questions
> >     Subject: Accessing windows net from erlsrv
> >
> >     Hi, has someone passed through  this before?
> >
> >     I want to access a file located on a mapped net drive from Erlang
> >     using file module and running Erlang as a windows service (erlsrv).
> >     When the mapped drive is not a local directory Erlang (or Windows)
> >     could not solve the access.
> >     I have tried six different ways with different results:
> >
> >     Local folder mapped - running erl ->
> >     1> file:open("f:/pru.txt", [write]).
> >     {ok,IoDevice}
> >
> >     Net folder mapped - running erl -> (when the mapped drive is a
> >     Windows 2000)
> >     2> file:open("g:/pru.txt", [write]).
> >     {ok,IoDevice}
> >
> >     Net folder mapped - running erl -> (when the mapped drive
> is a Novell)
> >     3> file:open("z:/pru.txt", [write]).
> >     {ok,IoDevice}
> >
> >     Local folder mapped - running erlsrv ->
> >     4> file:open("f:/pru.txt", [write]).
> >     {ok,IoDevice}
> >
> >     Net folder mapped - running erlsrv -> (when the mapped drive is a
> >     Windows 2000)
> >     5> file:open("g:/pru.txt", [write]).
> >     {error,eacces}
> >
> >     Net folder mapped - running erlsrv -> (when the mapped drive is a
> >     Novell)
> >     6> file:open("z:/pru.txt", [write]).
> >     {error,einval}
> >
> >     I need to access a Novell (case 6)
> >     My doubt is what's the difference between case 3 and 6, if the
> >     difference is in Erlang and how can I solve this.
> >
> >     Do you know a way to resolve this?
> >     I would appreciate any suggestion.
> >
> >     Thanks, Carlos.-
> >
>
>
>
>





More information about the erlang-questions mailing list