Menu
▾
▴
[webmin-devel] Re: Securing VirtualMin's Defaults (was Re: [webmin-devel] [Protected Web Directories] Webmin Version: 1.121)
|
From: Jamie C. <jca...@we...> - 2003-11-11 22:07:46
|
On Tue, 2003-11-11 at 23:45, Martin Mewes wrote: > Hi Jamie, > > Jamie Cameron <jca...@we...> wrote: > > >> >> Wish: > >> >> If "UserB:PasswdB" is a non-webmin-admin he should be "chrooted" to > >> >> his ~/. while using this module. > >> > >> This should be a deafult behaviour and not to be "patched" afterwards. > >> Isn't that possible? > > > >I could add an ACL option to include the current user's home directory > >.. that would make it easier. > > Now that I have looked a little bit more into this I found out that > the same behaviour is in some other modules if you use VirtualMin > which allows some modules by default. So want to start up a talk about > useful default's for Modules. > > This is what I did against the defaults > [ stuff deleted ] Virtualmin does set a lot of those module access control settings already, such as in the File Manager and MySQL modules. The next release of Virtualmin (due soon) will set the Global ACL and Protected Web Directories access control settings as well, in the same way that you did. One planned feature that I haven't gotten around to yet is allowing the creating of a Webmin group that specifies access control settings for various modules. Each virtual server user would then be a member of that group, and thus inherit it's permissions .. this would give the master admin more flexibility to control who gets access to what, instead of using Virtualmin's built-in defaults. - Jamie |
