update the security consideration with the 1.1.0 feature

Co-authored-by: Gina Peter Banyard <girgias@php.net>
2026-03-24 00:42:18 +01:00 · 2024-10-15 09:40:05 +02:00
parent 932c4724c1
commit 2df42103ae
1 changed files with 13 additions and 4 deletions
--- a/reference/win32service/setup.xml
+++ b/reference/win32service/setup.xml
@@ -37,10 +37,19 @@
   control is available from the web interface or remote control.
  </para>
  <para>
-   You can set the ACL on the service after adding it into SCM to delegate the
-   current administration tasks to an non administrator account or service account.
-   For further instructions, see the
-   <link xlink:href="https://support.microsoft.com/en-us/help/914392/best-practices-and-guidance-for-writers-of-service-discretionary-acces">Microsoft Knowledge Base</link>.
+   The ACL on the service can be set after adding it into SCM to delegate the
+   current administration tasks to a non administrator account or service account.
+  </para>
+  <para>
+   As of Win32Service 1.1.0, service rights can be managed with PHP. The actual ACLs can be read with
+   <function>win32_read_all_rights_access_service</function>, an access or deny right can be added with
+   <function>win32_add_right_access_service</function>, or an access right can be removed with
+   <function>win32_remove_right_access_service</function>.
+  </para>
+  <para>
+   It is recommended to update to Win32Service 1.1.0.
+   For further instructions to manage rights without the extension (or a version prior to 1.1.0), see the
+   <link xlink:href="&url.win32service.kb914392;">Microsoft Knowledge Base</link>.
  </para>
 </section>