Hi On Mon, Jul 17, 2000 at 09:55:07AM -0500, John F. Davis wrote: > What is the most secure way for users to update their webpages? > > Currently, I only allow scp and not ftp. However, scp doesn't allow > users to delete old files. This isn't the best way I'm sure, but it would be secure. Write a cgi script running on an apache-ssl with mod_auth_system and do PUT uploads in the users respective public_html directory, so you even do not need to give a shell to these users. Just create some kind of file browser for their public_html directory (of course that script should be audited), so users can mv and delete files.
MfG/Regards, Alexander -- Alexander Reelsen http://joker.rhwd.de [EMAIL PROTECTED] GnuPG: pub 1024D/F0D7313C sub 2048g/6AA2EDDB [EMAIL PROTECTED] 7D44 F4E3 1993 FDDF 552E 7C88 EE9C CBD1 F0D7 313C Securing Debian: http://joker.rhwd.de/doc/Securing-Debian-HOWTO
