You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "mail.earthlink.net" <be...@earthlink.net> on 2002/09/05 17:03:30 UTC

[users@httpd] Configuration/Installation application

Hi:

I'm in need of some form of application that can be used for configuration
and installation of Apache Domains over a number of Servers. Basically, we
need to be able to allow the user to modify the Apache config file with the
new Domain information, and then to install some executables/binaries based
upon the Domain(s) selected by the user.

We've looked at a couple of aaplications but haven't seen anything that
seems to meet our specfic needs. An application that could handle the
installatino, but also allowed for pretty good intergration with external
scripts (prel/php/etc..) would probably work. The application also has to
have a GUI for the user interface.

Thanks

Bruce Douglas
bedouglas@earthlink.net

RE: [users@httpd] Configuration/Installation application

Posted by Steven Pierce <pa...@speakeasy.net>.
Ok.. Thank you for clarifing that for me.  


*********** REPLY SEPARATOR ***********

On 9/5/2002 at 9:52 mail.earthlink.net wrote:
Steven,

Thanks for you rresponse. The answer to your question in a nutshell is yes... The security issues you raise willbe no more sever or possible that what would already exist on the Client Box. Keep in mind, the configuration/installation application would be run by the user on his box for his Apache Server, modifying his Apache config file. 

But as we are limiting what the user could do regarding what could be inserted into the config file, the user would actually be able to do more "damge" to the config file by manually editing it...

Thanks...

-----Original Message-----
From: Steven Pierce [mailto:pagedev1@speakeasy.net]
Sent: Thursday, September 05, 2002 9:19 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Configuration/Installation application


Bruce,

Are you sure that you want to do this?   Do you know the kind of issues that can bring up??  That would be a
security issue just waitting to happen.  Also what would stop the user from pointing more then one site at
the server, that they would at this point not be paying for.  Also if the user did not put the correct information
or syntex in, it could bring the entire server.  If you are going to do this, you need to be sure that they can only
do very, very specific entires.  I would suggest you write a script that would allow them to entire in one or 
maybe two lines of code.  

The other issue would be if someone could ( and most likely would) exploit this they would  have almost unlimited
access to the box.  

I am sorry, but I think that you should only allow one hand in the pie.  That way if something goes wrong you only
have one person that has to remember what was done to try and fix it.  

With that thought one other item came to mind, what if you have 2 or 3 people trying to do changes at one time.
Now the first two finish and the third person is still updating his part of the file.  They do a restart on the file so it can
be read, now the third person just lost all of his information.  Not a happy camper at this point.

I do not think you should do it.    If you do want to, then I would use something like perl to handle it.


*********** REPLY SEPARATOR ***********

On 9/5/2002 at 8:03 mail.earthlink.net wrote:
Hi:

I'm in need of some form of application that can be used for configuration and installation of Apache Domains over a number of Servers. Basically, we need to be able to allow the user to modify the Apache config file with the new Domain information, and then to install some executables/binaries based upon the Domain(s) selected by the user.

We've looked at a couple of aaplications but haven't seen anything that seems to meet our specfic needs. An application that could handle the installatino, but also allowed for pretty good intergration with external scripts (prel/php/etc..) would probably work. The application also has to have a GUI for the user interface.

Thanks

Bruce Douglas
bedouglas@earthlink.net

RE: [users@httpd] Configuration/Installation application

Posted by "mail.earthlink.net" <be...@earthlink.net>.
Steven,

Thanks for you rresponse. The answer to your question in a nutshell is
yes... The security issues you raise willbe no more sever or possible that
what would already exist on the Client Box. Keep in mind, the
configuration/installation application would be run by the user on his box
for his Apache Server, modifying his Apache config file.

But as we are limiting what the user could do regarding what could be
inserted into the config file, the user would actually be able to do more
"damge" to the config file by manually editing it...

Thanks...

  -----Original Message-----
  From: Steven Pierce [mailto:pagedev1@speakeasy.net]
  Sent: Thursday, September 05, 2002 9:19 AM
  To: users@httpd.apache.org
  Subject: Re: [users@httpd] Configuration/Installation application


  Bruce,

  Are you sure that you want to do this?   Do you know the kind of issues
that can bring up??  That would be a
  security issue just waitting to happen.  Also what would stop the user
from pointing more then one site at
  the server, that they would at this point not be paying for.  Also if the
user did not put the correct information
  or syntex in, it could bring the entire server.  If you are going to do
this, you need to be sure that they can only
  do very, very specific entires.  I would suggest you write a script that
would allow them to entire in one or
  maybe two lines of code.

  The other issue would be if someone could ( and most likely would) exploit
this they would  have almost unlimited
  access to the box.

  I am sorry, but I think that you should only allow one hand in the pie.
That way if something goes wrong you only
  have one person that has to remember what was done to try and fix it.

  With that thought one other item came to mind, what if you have 2 or 3
people trying to do changes at one time.
  Now the first two finish and the third person is still updating his part
of the file.  They do a restart on the file so it can
  be read, now the third person just lost all of his information.  Not a
happy camper at this point.

  I do not think you should do it.    If you do want to, then I would use
something like perl to handle it.


  *********** REPLY SEPARATOR ***********

  On 9/5/2002 at 8:03 mail.earthlink.net wrote:
    Hi:

    I'm in need of some form of application that can be used for
configuration and installation of Apache Domains over a number of Servers.
Basically, we need to be able to allow the user to modify the Apache config
file with the new Domain information, and then to install some
executables/binaries based upon the Domain(s) selected by the user.

    We've looked at a couple of aaplications but haven't seen anything that
seems to meet our specfic needs. An application that could handle the
installatino, but also allowed for pretty good intergration with external
scripts (prel/php/etc..) would probably work. The application also has to
have a GUI for the user interface.

    Thanks

    Bruce Douglas
    bedouglas@earthlink.net

Re: [users@httpd] Configuration/Installation application

Posted by Steven Pierce <pa...@speakeasy.net>.
Bruce,

Are you sure that you want to do this?   Do you know the kind of issues that can bring up??  That would be a
security issue just waitting to happen.  Also what would stop the user from pointing more then one site at
the server, that they would at this point not be paying for.  Also if the user did not put the correct information
or syntex in, it could bring the entire server.  If you are going to do this, you need to be sure that they can only
do very, very specific entires.  I would suggest you write a script that would allow them to entire in one or 
maybe two lines of code.  

The other issue would be if someone could ( and most likely would) exploit this they would  have almost unlimited
access to the box.  

I am sorry, but I think that you should only allow one hand in the pie.  That way if something goes wrong you only
have one person that has to remember what was done to try and fix it.  

With that thought one other item came to mind, what if you have 2 or 3 people trying to do changes at one time.
Now the first two finish and the third person is still updating his part of the file.  They do a restart on the file so it can
be read, now the third person just lost all of his information.  Not a happy camper at this point.

I do not think you should do it.    If you do want to, then I would use something like perl to handle it.


*********** REPLY SEPARATOR ***********

On 9/5/2002 at 8:03 mail.earthlink.net wrote:
Hi:

I'm in need of some form of application that can be used for configuration and installation of Apache Domains over a number of Servers. Basically, we need to be able to allow the user to modify the Apache config file with the new Domain information, and then to install some executables/binaries based upon the Domain(s) selected by the user.

We've looked at a couple of aaplications but haven't seen anything that seems to meet our specfic needs. An application that could handle the installatino, but also allowed for pretty good intergration with external scripts (prel/php/etc..) would probably work. The application also has to have a GUI for the user interface.

Thanks

Bruce Douglas
bedouglas@earthlink.net