The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can resellers `screw` something up?

Discussion in 'General Discussion' started by nybble, Sep 7, 2004.

  1. nybble

    nybble Well-Known Member

    Joined:
    Jan 26, 2004
    Messages:
    223
    Likes Received:
    0
    Trophy Points:
    16
    I let resellers have DNS access etc., but could they screw something up? For example entering hex for a DNS entry crashing named? Or does cpanel guard this type of stuff?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    No, they can seriously screw up DNS for the whole server.
     
  3. nybble

    nybble Well-Known Member

    Joined:
    Jan 26, 2004
    Messages:
    223
    Likes Received:
    0
    Trophy Points:
    16
    So it only takes 1 reseller to screw it up for everyone on the server?
    Is cpanel going to do something about this? (My guess is no?)
     
  4. cPanelBilly

    cPanelBilly Guest

    What they can do is kill their zone file. We really have no way to change that, they however cannot edit anyone elses zone files.
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    But AFAIK a dud zone file, under certain circumstances can bring down bind.
     
  6. nybble

    nybble Well-Known Member

    Joined:
    Jan 26, 2004
    Messages:
    223
    Likes Received:
    0
    Trophy Points:
    16
    Sure..... what do you mean you can't control that? Can't you check the users input to make sure it is an IP address or hostname not a raw of jibberish?
     
    #6 nybble, Sep 7, 2004
    Last edited: Sep 7, 2004
  7. cPanelBilly

    cPanelBilly Guest

    There is only certain things we can control, and with DNS there is a million different things that can be put in. We cannot effectivly lock it down without breaking it, pretty badly too.
     
  8. nybble

    nybble Well-Known Member

    Joined:
    Jan 26, 2004
    Messages:
    223
    Likes Received:
    0
    Trophy Points:
    16
    No, but a start is better than nothing.

    People can break into banks.... so why don't banks just stop using security systems & safes?

    Can we do something about this? I mean, I have resellers who don't have a clue what they are doing and I am just counting the hours till one of them nukes something.
     
  9. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    Then take it away from them.

    To borrow your analogy (as bad as it was... all or nothing? comon!)

    Banks do not open the vault and trust customers to handle their own transactions (at least mine doesn't ;) ). That is why they have tellers. Tellers are trained to handle transactions and can be trusted (at least you hope so) with access to the money. If your resellers cannot be trusted (and I could end it right there and say that that is always), then they should not have access.

    In the mean time, more power to you arguing for an effective and safe end user BIND interface. I have to agree with billy, that would be quite a monster with all of the variables that would need to be supported and I doubt that it is worth it.
     
  10. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    699
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney / Australia
    i ALWAYS switch off the DNS option for my resellers , better save then sorry ! :D
     
Loading...

Share This Page