On Wed, Nov 7, 2018 at 1:18 PM Luc Larochelle <llaroche...@gmail.com> wrote:
> Hi Everyone, > > Given that application X is owned by it's generic user (userX) and that a > Webapp is owned by another generic user(Y), what's the best way to share > permissions between the users so that application X can be called by a a > request to the WebApp ? > Is the primary question about the best way to handle permissions between two users? IMO, either put both users in the same group, or use extended ACLs <https://wiki.archlinux.org/index.php/Access_Control_Lists>. I used to use them quite a bit when I managed file servers with Samba and it was great! > Also, is it a good thing to separate applications from the Webapp in > distinct users , or should it all be part of a whole ? > I think the general rule of thumb is separations are good, but of course you need something in place to allow exchange of information. ACLs work. Other things could work, too. But ACLs proly easiest. Best answer proly depends on a lot... The objective to what you're asking, of course, is if one of your systems gets hacked, the other shouldn't be affected. If the system A gets hacked with user A, system B with user B will be "protected". Is system A and system B both use user C, a breach of system A *or* system B would effect the other. -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to mojolicious+unsubscr...@googlegroups.com. To post to this group, send email to mojolicious@googlegroups.com. Visit this group at https://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.