diff options
| author | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2014-10-29 15:17:21 -0700 |
|---|---|---|
| committer | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2014-10-29 15:17:21 -0700 |
| commit | 646b92e39c7b46b706de364c2d1d22c7849e5036 (patch) | |
| tree | 1b3d770599a24b72b2c4052731e9fdc2b6e5c12c /docs/architecture/needed_admin_infrastructure.mdwn | |
| parent | 77d61b6bdc1db054206d1341c20587794fb3c0e1 (diff) | |
| download | piny-code-646b92e39c7b46b706de364c2d1d22c7849e5036.tar.gz piny-code-646b92e39c7b46b706de364c2d1d22c7849e5036.zip | |
pinyadmin: bash -r -> ksh -r because the bash people apparently like to deprecate security features without bothering to tell anyone
Diffstat (limited to 'docs/architecture/needed_admin_infrastructure.mdwn')
| -rw-r--r-- | docs/architecture/needed_admin_infrastructure.mdwn | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/architecture/needed_admin_infrastructure.mdwn b/docs/architecture/needed_admin_infrastructure.mdwn index 59365c2..f6a3831 100644 --- a/docs/architecture/needed_admin_infrastructure.mdwn +++ b/docs/architecture/needed_admin_infrastructure.mdwn @@ -1,6 +1,6 @@ - DONE: HTTP AUTH from PAM through the magic of mod-auth-pam - DONE: HTTP access from /etc/group through the magic of mod-auth-sys-group -- DONE: Shell security through rbash and privilege escalation security (for mkwiki, mkuser, etc) through sudo +- DONE: Shell security through a restricted shell and privilege escalation security (for mkwiki, mkuser, etc) through sudo - DONE: Guaranteed namespace coherence with the vhosting of cgi, secure, and normal with the aid of a wildcard SSL certificate - TODO: Work out how to pass mailing list emails around. Probably either ssh or vserver namespace magic. - DONE: manual [[setup file overrides]], /etc/ikiwiki/piny/$reponame.setup.pl, included directly with 'do' before dumping state. |