On 25 November 2015 at 11:18, Niklas Keller <[email protected]> wrote: > It's an issue with shared hosting where users have shell access but no root > access.
If a user isn't able to write to the web server, or stand up any a server on any "privileged" port, can they really be said to exercise "control" over that server? I certainly wouldn't consider that to be a strong enough signal. I think that these users will have to rely on access to the .well-known tree if they are genuinely admins, but limited in their access to the metal. That might be more disruptive to their ongoing operations, but I don't see any alternative that would satisfy me that this isn't just some guy who happened to get shell access to a machine. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
