changeset 948:20a369cc2823

security: non privilege user
author Alain Mazy <am@osimis.io>
date Fri, 02 Jun 2023 15:21:48 +0200
parents 0b89127439b1
children d43acd4f2454 91273763cb94
files Sphinx/source/faq/security.rst
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/Sphinx/source/faq/security.rst	Thu Jun 01 12:24:22 2023 +0200
+++ b/Sphinx/source/faq/security.rst	Fri Jun 02 15:21:48 2023 +0200
@@ -92,6 +92,9 @@
   ``/instances/../export`` route) by leaving the configuration
   ``RestApiWriteToFileSystemEnabled`` to its default ``false`` value.
 
+* Make sure to run Orthanc as a non-privileged user with read-write access only 
+  for the storage area.
+
 * Setup rules that define, for each authorized user, which resources
   it can access, and through which HTTP method (GET, POST, DELETE
   and/or PUT). This can be done by defining a :ref:`filter written in