Re: ISPs and WebCat
This WebDNA talk-list message is from 2001
It keeps the original formatting.
numero = 37426
interpreted = N
texte = Karl Schroll wrote:> > On any platform/version, can WebCatalog restrict users to their own> directories so they can't muck with other sites on a server, or the server> itself (i.e., can we prevent a user who maintains their own templates from> causing trouble) If so, what platforms/versions can give this level of> security?> This is not currently a feature of WebCatalog on any platform. I suppose it is possible that v.5.x will support this, but I wouldn'thold my breath. WebCatalog currently is designed as a single serverprocess (ignoring multiple thread processes) in that WebCatalog onlyruns under a single user ID.Under the *nix platforms, you can use group level security so thatthe users can only EDIT their own files, with WebCat running using a user id that is a member of the same group as the users. However, any user could use relative addressing to get at files owned by another user, so there is little in the way of security. There was also a problem with earlier Linux versions that would cause WebCat to override the database ownership with certain commands (I believe it was Replace but not Append, but don't quote me). I think this is fixed, but I havenot been testing current Linux releases.A true multi-user version of WebCatalog would use chroot'd childprocesses for each domain, spawned by a master process. It would belikely that this would be a non-platform independent change (sincenon-*nix environments don't have this capability) and would mostlikely be sold as a completely different package. It would require massive changes to the architecture since each domain would need acompletely independent RAM region (unless all databases were restricted to absolute addresses).HTHJohn--John PeacockDirector of Information Research and TechnologyRowman & Littlefield Publishing Group4720 Boston WayLanham, MD 20706301-459-3366 x.5010fax 301-429-5747-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Karl Schroll wrote:> > On any platform/version, can WebCatalog restrict users to their own> directories so they can't muck with other sites on a server, or the server> itself (i.e., can we prevent a user who maintains their own templates from> causing trouble) If so, what platforms/versions can give this level of> security?> This is not currently a feature of WebCatalog on any platform. I suppose it is possible that v.5.x will support this, but I wouldn'thold my breath. WebCatalog currently is designed as a single serverprocess (ignoring multiple thread processes) in that WebCatalog onlyruns under a single user ID.Under the *nix platforms, you can use group level security so thatthe users can only EDIT their own files, with WebCat running using a user id that is a member of the same group as the users. However, any user could use relative addressing to get at files owned by another user, so there is little in the way of security. There was also a problem with earlier Linux versions that would cause WebCat to override the database ownership with certain commands (I believe it was Replace but not Append, but don't quote me). I think this is fixed, but I havenot been testing current Linux releases.A true multi-user version of WebCatalog would use chroot'd childprocesses for each domain, spawned by a master process. It would belikely that this would be a non-platform independent change (sincenon-*nix environments don't have this capability) and would mostlikely be sold as a completely different package. It would require massive changes to the architecture since each domain would need acompletely independent RAM region (unless all databases were restricted to absolute addresses).HTHJohn--John PeacockDirector of Information Research and TechnologyRowman & Littlefield Publishing Group4720 Boston WayLanham, MD 20706301-459-3366 x.5010fax 301-429-5747-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
John Peacock
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Search Order? (2000)
Country & Ship-to address & other fields ? (1997)
WebCat2b13MacPlugIn - [include] doesn't allow creator (1997)
Emailer setup (1997)
search for all (1998)
OT: Flash artist needed (2005)
Date or time comparisons have bugs ... (1998)
Emailer Problem (2000)
[OT] Indexing of dynamic web sites (2003)
About that math question ... (2003)
[TEXT SECURE=T] (2000)
[cart][date][time] (2003)
memory leaks (2005)
[WebDNA] Clarifying talklist emails (2020)
Redirect and passing more than one variable... (2002)
Multiple catalog databases and showcart (1997)
WebMerchant and Mac Auth Hub Help Please (1999)
WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997)
[math] storage of variables (1997)
Installing WebDNA DEveloper edition on Mac OS X (2004)