On Fri, 13 Aug 2010 09:30:58 +0200, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote: > On Thu, 2010-08-12 at 16:44 +0200, roland wrote: >> Someone who will install a website on the server. So I thought to give >> him a login and config apache to read the dir in his home dir. >> He has to upload the files for this site. So I won't him to see only >> his home dir. > > So, if someone else is going to install the serving software, they'll > only need to be able to upload files to their workspace, not needing > full access to the computer. Though they might, to configure the > server. It depends on whether you provide them with an interface for > that, or direct access. > > Moderately risky, more so if you let them install scripts, even more so > if it can send emails. But not too hard to secure something like that. > You want to learn what the common exploits are, so you can understand > securing it, and competently test that you've succeeded. > > Lots of web hosts around the planet do something similar. Run Apache on > some Linux or Unix, give their customers FTP access (or another file > transfer scheme) to upload their pages, and use something like CPanel to > let them customise their use of the webserver. > Of course, if one cannot restrict the access, FTP will be still insecure. So first I will try what 'Kalinix' said, and install chroot. Thanks to you and all the others for your time. -- Roland -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
