httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "mail.earthlink.net" <bedoug...@earthlink.net>
Subject RE: [users@httpd] Configuration/Installation application
Date Thu, 05 Sep 2002 16:52:41 GMT
Steven,

Thanks for you rresponse. The answer to your question in a nutshell is
yes... The security issues you raise willbe no more sever or possible that
what would already exist on the Client Box. Keep in mind, the
configuration/installation application would be run by the user on his box
for his Apache Server, modifying his Apache config file.

But as we are limiting what the user could do regarding what could be
inserted into the config file, the user would actually be able to do more
"damge" to the config file by manually editing it...

Thanks...

  -----Original Message-----
  From: Steven Pierce [mailto:pagedev1@speakeasy.net]
  Sent: Thursday, September 05, 2002 9:19 AM
  To: users@httpd.apache.org
  Subject: Re: [users@httpd] Configuration/Installation application


  Bruce,

  Are you sure that you want to do this?   Do you know the kind of issues
that can bring up??  That would be a
  security issue just waitting to happen.  Also what would stop the user
from pointing more then one site at
  the server, that they would at this point not be paying for.  Also if the
user did not put the correct information
  or syntex in, it could bring the entire server.  If you are going to do
this, you need to be sure that they can only
  do very, very specific entires.  I would suggest you write a script that
would allow them to entire in one or
  maybe two lines of code.

  The other issue would be if someone could ( and most likely would) exploit
this they would  have almost unlimited
  access to the box.

  I am sorry, but I think that you should only allow one hand in the pie.
That way if something goes wrong you only
  have one person that has to remember what was done to try and fix it.

  With that thought one other item came to mind, what if you have 2 or 3
people trying to do changes at one time.
  Now the first two finish and the third person is still updating his part
of the file.  They do a restart on the file so it can
  be read, now the third person just lost all of his information.  Not a
happy camper at this point.

  I do not think you should do it.    If you do want to, then I would use
something like perl to handle it.


  *********** REPLY SEPARATOR ***********

  On 9/5/2002 at 8:03 mail.earthlink.net wrote:
    Hi:

    I'm in need of some form of application that can be used for
configuration and installation of Apache Domains over a number of Servers.
Basically, we need to be able to allow the user to modify the Apache config
file with the new Domain information, and then to install some
executables/binaries based upon the Domain(s) selected by the user.

    We've looked at a couple of aaplications but haven't seen anything that
seems to meet our specfic needs. An application that could handle the
installatino, but also allowed for pretty good intergration with external
scripts (prel/php/etc..) would probably work. The application also has to
have a GUI for the user interface.

    Thanks

    Bruce Douglas
    bedouglas@earthlink.net


Mime
View raw message