View Single Post
  #3  
Old 27th October 2010, 17:21
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,788
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Quote:
This change doesn't have impact on the security because it is still the same user/client.
This has a impact on security and thats why we do not use group write access in ISPConfig. It makes a big difference if a client has ten sites and one of them gets hacked. With the current setup, this affects only one site. With your modification, it will affect all sites and all sites have to be reinstalled. Additionally, some security extensions for apache will not start with group writable permissions.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote