+16
Planned

User with limited permissions

Gael J. 11 years ago updated by Eugene Pankov (Project coordinator) 11 years ago 3

Hello,

I'm a server administrator and your product interest me.
Ajenti is interesting to me and more for simple users or clients ...

My problem is the limited permissions. A simple user with only the dashboard have root permissions and can start / stop services ( with service widget ) . I can't install product if client can stop services.


A client with filesystem access ( good idea for free/use space disk ) can remove fstab ligne. A read only access is better for client.


Should distinguish the permissions between power user and simple user for greater security.


Idea is simple, have simple users with limited permissions and the users with root permissions, like linux.


Thank you for everything.
Good luck


Partly completed in the next build with widget permissions

Great. this will be very useful.
Thank you very much.

+3
Some plugins have privileged and unprivileged parts. For example "Scripts" tab of network interfaces in "Network" plugin is a security hole if accessible in a limited user account.
I've got a use case where I need to define a non-root admin account to let my user change basic configuration of the system independently, including networking. But "Scripts" part of configuration lets admin user to run commands as root, which is undesired.