Re: ISPs and WebCat

This WebDNA talk-list message is from

2001


It keeps the original formatting.
numero = 37426
interpreted = N
texte = Karl Schroll wrote: > > On any platform/version, can WebCatalog restrict users to their own > directories so they can't muck with other sites on a server, or the server > itself (i.e., can we prevent a user who maintains their own templates from > causing trouble) If so, what platforms/versions can give this level of > security? > This is not currently a feature of WebCatalog on any platform. I suppose it is possible that v.5.x will support this, but I wouldn't hold my breath. WebCatalog currently is designed as a single server process (ignoring multiple thread processes) in that WebCatalog only runs under a single user ID.Under the *nix platforms, you can use group level security so that the users can only EDIT their own files, with WebCat running using a user id that is a member of the same group as the users. However, any user could use relative addressing to get at files owned by another user, so there is little in the way of security. There was also a problem with earlier Linux versions that would cause WebCat to override the database ownership with certain commands (I believe it was Replace but not Append, but don't quote me). I think this is fixed, but I have not been testing current Linux releases.A true multi-user version of WebCatalog would use chroot'd child processes for each domain, spawned by a master process. It would be likely that this would be a non-platform independent change (since non-*nix environments don't have this capability) and would most likely be sold as a completely different package. It would require massive changes to the architecture since each domain would need a completely independent RAM region (unless all databases were restricted to absolute addresses).HTHJohn-- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4720 Boston Way Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5747------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: ISPs and WebCat (Vincent Medina 2001)
  2. Re: ISPs and WebCat (John Peacock 2001)
  3. Re: ISPs and WebCat (Kimberly Ingram 2001)
  4. ISPs and WebCat (Karl Schroll 2001)
Karl Schroll wrote: > > On any platform/version, can WebCatalog restrict users to their own > directories so they can't muck with other sites on a server, or the server > itself (i.e., can we prevent a user who maintains their own templates from > causing trouble) If so, what platforms/versions can give this level of > security? > This is not currently a feature of WebCatalog on any platform. I suppose it is possible that v.5.x will support this, but I wouldn't hold my breath. WebCatalog currently is designed as a single server process (ignoring multiple thread processes) in that WebCatalog only runs under a single user ID.Under the *nix platforms, you can use group level security so that the users can only EDIT their own files, with WebCat running using a user id that is a member of the same group as the users. However, any user could use relative addressing to get at files owned by another user, so there is little in the way of security. There was also a problem with earlier Linux versions that would cause WebCat to override the database ownership with certain commands (I believe it was Replace but not Append, but don't quote me). I think this is fixed, but I have not been testing current Linux releases.A true multi-user version of WebCatalog would use chroot'd child processes for each domain, spawned by a master process. It would be likely that this would be a non-platform independent change (since non-*nix environments don't have this capability) and would most likely be sold as a completely different package. It would require massive changes to the architecture since each domain would need a completely independent RAM region (unless all databases were restricted to absolute addresses).HTHJohn-- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4720 Boston Way Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5747------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ John Peacock

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Search Order? (2000) Country & Ship-to address & other fields ? (1997) WebCat2b13MacPlugIn - [include] doesn't allow creator (1997) Emailer setup (1997) search for all (1998) OT: Flash artist needed (2005) Date or time comparisons have bugs ... (1998) Emailer Problem (2000) [OT] Indexing of dynamic web sites (2003) About that math question ... (2003) [TEXT SECURE=T] (2000) [cart][date][time] (2003) memory leaks (2005) [WebDNA] Clarifying talklist emails (2020) Redirect and passing more than one variable... (2002) Multiple catalog databases and showcart (1997) WebMerchant and Mac Auth Hub Help Please (1999) WebCat2b14MacPlugIn - [include] doesn't hide the search string (1997) [math] storage of variables (1997) Installing WebDNA DEveloper edition on Mac OS X (2004)