From owner-freebsd-isp Mon Jul 31 12:38: 7 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bsdie.rwsystems.net (bsdie.rwsystems.net [209.197.223.2]) by hub.freebsd.org (Postfix) with ESMTP id 4558737B8E2 for ; Mon, 31 Jul 2000 12:38:03 -0700 (PDT) (envelope-from jwyatt@rwsystems.net) Received: from bsdie.rwsystems.net([209.197.223.2]) (1537 bytes) by bsdie.rwsystems.net via sendmail with P:esmtp/R:bind_hosts/T:inet_zone_bind_smtp (sender: ) id for ; Mon, 31 Jul 2000 14:33:42 -0500 (CDT) (Smail-3.2.0.106 1999-Mar-31 #1 built 1999-Aug-7) Date: Mon, 31 Jul 2000 14:33:42 -0500 (CDT) From: James Wyatt To: Veaceslav Revutchi Cc: freebsd-isp@freebsd.org Subject: Re: web hosting, what ftp to use? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 31 Jul 2000, Veaceslav Revutchi wrote: > Thanks everyone for sharing your experience with me! > > I have one more question about cgi. I was thinking about giving > ftp access for each user to its own cgi directory but then > I won't be able to control the contents of their scripts. > What would be a wise procedure to allow users to update their > cgi stuff? > > thanks again very much, > slava revutchi You might *seriously* look at a jail or chroot approach. There have been several web servers hacked when folks uploaded scripts that allowed them to do things like search for broken suid programs, read world-readable files with config info, etc... You should also provide some simple scripts users can clone/modify to cut down on support calls and provide hints to approach forms, etc... You should also look into using FreeBSD's login limitations on your server account - but there are *much* better experts around here than I on doing so. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message