| 1 |
On 13/10/05 17:28, Dmitry Lukashin wrote: |
| 2 |
|
| 3 |
>>With ability to modify apache config & crontab for user using ssh |
| 4 |
>>access? |
| 5 |
> |
| 6 |
> Try to use <VirtualHost></VirtualHost> for each user in separate file. |
| 7 |
> And change permission on that file to user you want allow editing it. |
| 8 |
|
| 9 |
Don't do that unless you fully trust your users. If they can modify |
| 10 |
(parts of) the apache config without any control, they will be able to |
| 11 |
do bad things with apache's permissions. They can easily change any |
| 12 |
file apache has write access to by just use such a file as logfile for |
| 13 |
their vhost, for example. |
| 14 |
|
| 15 |
I'm not an apache expert, but I think there are a lot more possibilities |
| 16 |
to do bad things :-) Maybe they can load self written apache modules |
| 17 |
and then they will be able to do _anything_ apache can do. |
| 18 |
|
| 19 |
> Same with crontabs |
| 20 |
|
| 21 |
Common cron daemons use separate crontabs for each user, you don't have |
| 22 |
to do anything to get the desired functionality. |
| 23 |
|
| 24 |
Daniel |
Archives