Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Feature Requests

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 27th October 2010, 14:20
bambam82 bambam82 is offline
Junior Member
 
Join Date: Aug 2010
Location: Utrecht, Netherlands
Posts: 18
Thanks: 4
Thanked 4 Times in 3 Posts
Question group write privileges on web dirs

Hi,

i would suggest to have group write privileges on all webdirs because of the following:
For example:
We have a client. This client has multiple websites. He wants to control these websites via 1 FTP user. In the options you can point to /var/www/clients/client1 instead of /var/www/clients/client1/web1.
But you are only allow to write to web1 because that is your current user. You are not allowed to write to web2, because other directories don't have the group write bit set....

It is possible to change this for a current directory, but when a change occurs, your settings are gone again.

This change doesn't have impact on the security because it is still the same user/client.

Could this feature be added in the next release?

Many thanks. Bart Dorlandt
Reply With Quote
Sponsored Links
  #2  
Old 27th October 2010, 14:23
bambam82 bambam82 is offline
Junior Member
 
Join Date: Aug 2010
Location: Utrecht, Netherlands
Posts: 18
Thanks: 4
Thanked 4 Times in 3 Posts
Exclamation web subdir, group read access also

Oh....

I just saw we will need to change the subdir "web" also to have group read access. This would help me and my client a lot.
Reply With Quote
  #3  
Old 27th October 2010, 16:21
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,054
Thanks: 826
Thanked 5,391 Times in 4,236 Posts
Default

Quote:
This change doesn't have impact on the security because it is still the same user/client.
This has a impact on security and thats why we do not use group write access in ISPConfig. It makes a big difference if a client has ten sites and one of them gets hacked. With the current setup, this affects only one site. With your modification, it will affect all sites and all sites have to be reinstalled. Additionally, some security extensions for apache will not start with group writable permissions.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #4  
Old 27th October 2010, 16:32
bambam82 bambam82 is offline
Junior Member
 
Join Date: Aug 2010
Location: Utrecht, Netherlands
Posts: 18
Thanks: 4
Thanked 4 Times in 3 Posts
 
Thumbs up

Hi,

i'm sorry you're right. good point.

Last edited by bambam82; 27th October 2010 at 16:33. Reason: typo
Reply With Quote
Reply

Bookmarks

Tags
clients, ftp, group write, multiple

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
I'm attack brute force qb7 General 6 21st July 2012 21:34
Can't access to my website - after install problem pallermo Installation/Configuration 18 4th June 2010 13:29
High on Lenny - Lvm Mount Problem Serverman Technical 1 23rd June 2009 16:26
ISPConfig Installation error linuxuser1 Installation/Configuration 4 26th February 2008 06:38
ISPConfig 2.2.10 released till General 70 7th March 2007 18:25


All times are GMT +2. The time now is 11:02.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.