Trust levels
Trustlevels are a system that can be used to limit access to certain
modules depending on where the file originates. It can be used to give
trusted persons access to potentially hazardous modules like the
CGI executable support module or the
SQL-module.
Trustlevels work by setting the Builtin variables/Security:
Security level variable of modules.
A request is initially assigned a trust level equal to the security
level of the filesystem module from which it originates.
The request will only be able to pass through modules with an equal
or lower security level than the request's trust level. Modules that
has a higher security level will be ignored, like they were not even
enabled.
If the request passes through a module with a lower security level
than the request's trust level, the trust level will be lowered to the
security level. If the request tries to pass through additional
modules it will use the lowered trust level.
Example
CGI executable support - trust level 1
Pike tag - trust level 1
Filesystem - trust level 1
User Filesystem - trust level 0
The Filesystem module can contain CGI scripts or
pages using the <pike> tags. We can assume that only trusted
users can write files that are handled by this module.
User home pages, that are handled by the User
Filesystem module may not, on the other hand, contain CGI
scripts nor use the <pike> tag.
|