The problem with using sudo on the www user is that if you are in a shared environment, anyone can upload a web page/script to their website and call the passwd command.
If you use mod_wsgi or fcgi with apache you can specify the user that the django app runs under. In my case I am running my application under a user 'djangoapp'. This user has permission to access the commands on the base system through sudo. I think this is a much better solution. Paddy On Aug 27, 3:41 am, mike171562 <[EMAIL PROTECTED]> wrote: > This is the problem I am having, I am currently using sudo for the www > user to get around it, but dont think thats a very secure solution. > > On Aug 20, 12:16 am, Paddy Joy <[EMAIL PROTECTED]> wrote: > > > I'm also developing a control panel as a personal project for a shared > > hosting setup. > > > The features I'm working on at the moment are: > > > DNS - frontend for myDNS > > Mail - frontend for Postfix (running mysql backend) > > > With user management and vhost management I have hit a bit of a > > stumbling block. I'm not sure what is the best/safest way to handle > > root operations, creating users, changing password etc.... Possibly > > this would have to be a seperate service running as root, reading > > tasks from a table. > > > A pluggable solution would be great as everyone will have slightly > > different requirements/setup. > > > Paddy > > > On Aug 13, 8:09 am, "Justin Fagnani" <[EMAIL PROTECTED]> wrote: > > > > You know, many of the components of a control panel, for both private > > > servers and co-hosting, would be very useful in other applications. > > > File browsers, support ticket systems, email, user and database > > > management, etc. would be great to have in many situations. > > > > Rather than have a monolithic control panel app, it'd be great to have > > > pluggable applications, where "pluggable" goes beyond the normal > > > Django sense and includes conventions about the template hierarchy, > > > markup structure, navigation, settings, and assets like CSS and JS. > > > That way an application could be added with little-to-no modification > > > of templates, CSS, etc. > > > > It's very similar to CMS applications like blogs, wikis, galleries or > > > forums. I've been developing a CMS and business apps for a while and > > > trying to develop a good set of conventions at the same time. I'd love > > > to collaborate with some other Django'ers who'd like to "standardize" > > > some of these concepts as a high-level layer to sit above Django. As I > > > imagine it, it'd be similar to a Drupal for Django in some ways. Of > > > course, not being an official Django standard, there could be choices > > > between standards that use different JS libraries, markup and template > > > block structure, and CSS conventions. > > > > I think, besides a CMS, a control panel would be a really good place > > > to use this. I'm hoping there will be some like-minded people at > > > Djangocon to discuss this with. > > > > -Justin > > > > On Tue, Aug 12, 2008 at 1:38 PM, Ramdas S <[EMAIL PROTECTED]> wrote: > > > >http://code.google.com/p/zmaj/ > > > > > On Wed, Aug 13, 2008 at 12:39 AM, mike171562 <[EMAIL PROTECTED]> > > > > wrote: > > > > >> Nice, how far along is it? Will it be opensourced? Any tips on how to > > > >> go about it? > > > > >> On Aug 12, 2:01 pm, "Juan Hernandez" <[EMAIL PROTECTED]> wrote: > > > >> > i am currently developing one... Im calling it PyISP > > > > >> > On Wed, Aug 13, 2008 at 2:18 PM, mike171562 > > > >> > <[EMAIL PROTECTED]>wrote: > > > > >> > > I was thinking of building a webhostingcontrol panel using django. > > > >> > > Anybody have any thoughts on this, or heard of anyone else doing > > > >> > > this? > > > > > -- > > > > Ramdas S > > > > +91 9342 583 065 > > > > My Personal Blog:http://ramdas.diqtech.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
