diff options
author | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2009-04-26 20:48:01 -0700 |
---|---|---|
committer | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2009-04-26 20:48:01 -0700 |
commit | b612d640d0c4a1e4c5105914007e527fa80db17a (patch) | |
tree | ec7be7a9c89eefcd571ad1d32df08c3f8fd61353 /architecture/needed_admin_infrastructure.mdwn | |
parent | 907276f5fdf3947d1d15a094857d64e8ae35e152 (diff) | |
download | hosting-b612d640d0c4a1e4c5105914007e527fa80db17a.tar.gz hosting-b612d640d0c4a1e4c5105914007e527fa80db17a.zip |
Adding architecture features and planning
Diffstat (limited to 'architecture/needed_admin_infrastructure.mdwn')
-rw-r--r-- | architecture/needed_admin_infrastructure.mdwn | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/architecture/needed_admin_infrastructure.mdwn b/architecture/needed_admin_infrastructure.mdwn new file mode 100644 index 0000000..ff4b5a1 --- /dev/null +++ b/architecture/needed_admin_infrastructure.mdwn @@ -0,0 +1,7 @@ +- DONE: HTTP AUTH from PAM through the magic of mod-auth-pam +- DONE: HTTP access from /etc/group through the magic of mod-auth-sys-group +- DONE: Shell security through rbash and privilege escalation security (for mkwiki, mkuser, etc) through sudo +- DONE: Guaranteed namespace coherence with the vhosting of cgi, secure, and normal with the aid of a wildcard SSL certificate +- TODO: Work out how to get a wildcard SSL certificate through browser-trusted PKI infrastructure. +- TODO: Work out how to get client SSL certificates to work through browser-trusted PKI infrastructure, though I don't know if we'll ever really care about this. +- TODO: Work out how to pass mailing list emails around. Probably either ssh or vserver namespace magic. |