Re: [cobalt-users] One User - Admin for multiple domains

["Carrie Bartkowiak" <ravencarrie@xxxxxxxx>]

> I guess this part wasn't clear as I tried to explain how I did it.

No, your post was very clear. I really think the only reason it wasn't
working for me is because it wasn't being added to the (admin:x:27:) line.

>I DID
> add the new admins with the GUI....but its the server base part....Main
> Site area...not a vhost area- make sure to click the site admin value for
> this new user.

This is exactly how I did it, as well - still didn't go into that adm line.
Perhaps this is another 'change' in the way Cobalt does things with the
RaQ4?

>The admins I
> added this way had ability to travel up and down the server tree with FTP
> from top to bottom. Each can read what is in other's directories but each
> can only send files into a directory for which he is part of the group.

Now that I've stuck the extra admin logins into that line, that's what I've
found as well.

> When I add an admin to this Main Site area, the user is properly placed in
> the various groups automatically,

It only added my new admins to the line with *all* of the admins on the
machine (site-adm:x:111:) and the line for the main site (home:x:110:).
Again, the key was (admin:x:27:); they weren't automatically being added to
this line.

>If you really
> trust your user, then this would definitely streamline his work,

With all of this hacking going on I've been watching my logs so carefully
that I've changed passwords on two of my clients already - and *then* asked
them if they were logging in with a different account at home. *L*  Neither
of them minded, thankfully, and luckily it *was* them coming in with
different ISPs than they normally do.

> but if he
> just set up his logins in WS_FTP for every site he maintains, it doesn't
> have to be done again and again.

Yeah, that's what I'm figuring. A pain for him, but necessary I suppose.

This whole thing really has me stumped. When I was at Communitech as a
hosting client, as far as I could tell *none* of the security stuff we talk
about was in place. (It may have changed by now.)  Anyone at any time could
FTP on up the tree and read whatever they wanted to. We automatically got
shell accounts when our account was set up - and we could browse all over
the machine.
And now I'm thinking - how in the WORLD could they do that without going
insane worrying about their security?
How could they let us think that our .htpasswd files and out-of-the-web
files were safe from snooping eyes when they really weren't?

Just blows me away. Here I am with one server and a handful of clients, and
I'm worried to death about keeping everyone's private stuff PRIVATE.
Communitech has thousands of clients - have they found some way that they
can sleep at night not worrying or do they just not care?

Carrie