# HG changeset patch
# User Alain Mazy <am@osimis.io>
# Date 1685712108 -7200
# Node ID 20a369cc2823107429ea8cbb39b6c446bcdbdaa3
# Parent  0b89127439b16bf637ac6de43a419973f4df82cb
security: non privilege user

diff -r 0b89127439b1 -r 20a369cc2823 Sphinx/source/faq/security.rst
--- a/Sphinx/source/faq/security.rst	Thu Jun 01 12:24:22 2023 +0200
+++ b/Sphinx/source/faq/security.rst	Fri Jun 02 15:21:48 2023 +0200
@@ -92,6 +92,9 @@
   ``/instances/../export`` route) by leaving the configuration
   ``RestApiWriteToFileSystemEnabled`` to its default ``false`` value.
 
+* Make sure to run Orthanc as a non-privileged user with read-write access only 
+  for the storage area.
+
 * Setup rules that define, for each authorized user, which resources
   it can access, and through which HTTP method (GET, POST, DELETE
   and/or PUT). This can be done by defining a :ref:`filter written in