1 |
Hello all, |
2 |
|
3 |
I'm currently working on a hardened install for a web/mail-server. |
4 |
Clients need to be able to upload their site content, either by ftp or |
5 |
sftp... As I see it now, there are three options for user management: |
6 |
1. Add real users to the system |
7 |
2. Add virtual users to a mysql db, use one user for files and let |
8 |
programs use the database |
9 |
3. Use pam-mysql or nss-mysql to have the users in a database |
10 |
|
11 |
Personally I'd prefer using a database because of the management, but |
12 |
I'm not considering security at all in this preference. I bet some of |
13 |
you ran into the same problem and took one of the approaches I mentioned |
14 |
above. |
15 |
|
16 |
Because clients are using php too I don't know if it's advisable to use |
17 |
one user on the system and virtual users for ftp/sftp access. Next to |
18 |
that it would be nice to have decent quota support, so in that case I |
19 |
guess point 2 won't work... |
20 |
|
21 |
Anyway, I hope someone who used one of these methods on a production |
22 |
server can tell some more about what's the best way to solve this |
23 |
problem and why it's the best way. |
24 |
Greetings, |
25 |
|
26 |
Michael |
27 |
|
28 |
-- |
29 |
gentoo-hardened@g.o mailing list |