Mercurial > hg > orthanc-book
diff Sphinx/source/faq/security.rst @ 948:20a369cc2823
security: non privilege user
author | Alain Mazy <am@osimis.io> |
---|---|
date | Fri, 02 Jun 2023 15:21:48 +0200 |
parents | 1e0f49aa75f3 |
children |
line wrap: on
line diff
--- a/Sphinx/source/faq/security.rst Thu Jun 01 12:24:22 2023 +0200 +++ b/Sphinx/source/faq/security.rst Fri Jun 02 15:21:48 2023 +0200 @@ -92,6 +92,9 @@ ``/instances/../export`` route) by leaving the configuration ``RestApiWriteToFileSystemEnabled`` to its default ``false`` value. +* Make sure to run Orthanc as a non-privileged user with read-write access only + for the storage area. + * Setup rules that define, for each authorized user, which resources it can access, and through which HTTP method (GET, POST, DELETE and/or PUT). This can be done by defining a :ref:`filter written in