cron access questions - Printable Version +- ispCP - Board - Support (http://www.isp-control.net/forum) +-- Forum: ispCP Omega Support Area (/forum-30.html) +--- Forum: System Setup & Installation (/forum-32.html) +--- Thread: cron access questions (/thread-3889.html)

cron access questions - oddyutza - 07-29-2008 10:50 PM Hello everybody i`m using debian 4.0, ispcp rc5 with the gui update some of my "clients", users, need cron access, some files in some scripts need to be scheduled by them, for the moment i don`t mind. but for the future use i think this a big minus of the script, is there a mod coming? or an update regarding this? BR++ RE: cron access questions - ephigenie - 07-30-2008 02:30 AM There has been a lot of thinking about a cron feature in the past. One of the main issues here is : security ! So as long as we don't have a chroot environment for every single user it doesn't make that much sense because there's nearly no way on restricting a user to only its home folder. So the there's no wall between you and the users. So for now most of the ispCP users would love to have this feature - but maybe cannot handle the system hardening itself which needs to be done besides ispCP to keep the system clean & secure. So we'll come up with this if we figured out how to enable chrooted env's efficiently under such circumstances. RE: cron access questions - oddyutza - 07-30-2008 07:55 PM hmm true for the moment but as far sa i know, every hosting user has a box user also vu... that is restricted to /bin/false .. i think if we will make another folder to virtual/domain.tld/ such as crontab and the user can setup from the cp the schedule for his file/files. with a generated script, and from the begining a templated one. to run a crontab eg: user`s file : qwerty.php generated script : domain.tld_crontab.php (yahoo.com_crontab.php) and the templated one to check that path and if the domain.tld_crontab.php exists then the templated script shall add the commands to crontab. in this way , i think we will have crontab support, no shell access, and we are still protected. this is just an ideea.. i think if we all put our minds together we can pull this out ... right?