1 |
On 13/10/05 17:28, Dmitry Lukashin wrote: |
2 |
|
3 |
>>With ability to modify apache config & crontab for user using ssh |
4 |
>>access? |
5 |
> |
6 |
> Try to use <VirtualHost></VirtualHost> for each user in separate file. |
7 |
> And change permission on that file to user you want allow editing it. |
8 |
|
9 |
Don't do that unless you fully trust your users. If they can modify |
10 |
(parts of) the apache config without any control, they will be able to |
11 |
do bad things with apache's permissions. They can easily change any |
12 |
file apache has write access to by just use such a file as logfile for |
13 |
their vhost, for example. |
14 |
|
15 |
I'm not an apache expert, but I think there are a lot more possibilities |
16 |
to do bad things :-) Maybe they can load self written apache modules |
17 |
and then they will be able to do _anything_ apache can do. |
18 |
|
19 |
> Same with crontabs |
20 |
|
21 |
Common cron daemons use separate crontabs for each user, you don't have |
22 |
to do anything to get the desired functionality. |
23 |
|
24 |
Daniel |