[Linux-disciples] Blogs owned by users
Stephen R Laniel
steve at laniels.org
Thu Apr 14 10:34:53 EDT 2005
I have an account on bostoncoop.net, and I'm not a superuser
there, so I can't create new users or groups. At the same
time, I run a few blogs for my friends, underneath that
non-root account.
Now, if those blogs are compromised, I'd like to limit the
damage. But since I can't create new users or groups, those
friends' blogs have to run under username 'slaniel'.
Additionally, these blogs need access to files that I have
to edit -- so the blogs have to run suid.
Is there any way to minimize the damage should those blogs
become compromised? Ideally, the damage would only affect
their blogs' contents, not the other blogs that I run for my
other friends.
--
Stephen R. Laniel
steve at laniels.org
+(617) 308-5571
http://laniels.org/
More information about the Linux-disciples
mailing list