Incognito969

Well-Known Member
Jun 15, 2003
50
0
156
Is there anyway to limit root's whm menu? I tried creating a new theme for root and then removing features from the command file, but all the features can still be accessed by manually typing in the url of the script.
 

SarcNBit

Well-Known Member
Oct 14, 2003
1,010
3
168
I am sorry that I do not have an answer for you, but I have to ask, what would be your motivation for doing this?
 

Incognito969

Well-Known Member
Jun 15, 2003
50
0
156
I am, I've assigned a reseller's account with "All Features" because I need this account to have "some" administrative abilities. I've given it a modified X skin with features removed but you can still access them manually entering the urls.

I am wondering if there are any other way to limit access in general to some of the scripts even for root.
 

SarcNBit

Well-Known Member
Oct 14, 2003
1,010
3
168
I was getting at what squirrel said. If you need to limit access to certain features then you should setup a reseller account. Limiting access is what reseller accounts are all about (and grouping sub accounts).

You cannot limit the access of the root user nor should you be able to. Having unlimited access is the entire point of root.

You should restrict access to your root user password. If you have given root access to someone and now wish to restrict it, then you should change the root password (something you should do from time to time anyhow).
 

Incognito969

Well-Known Member
Jun 15, 2003
50
0
156
I haven't given anyone root access to any server, I setup a reseller account with root access but it does not give ssh access.

Sometimes you need a restricted root, on all our non-cpanel servers we have acl's restricting root to almost nothing so that I can safely give root access to my support staff and not worry about LKM, backdoors, overall f**ckery of the server, in case one of them decides to quit.

Imagine this if one of your trusted support guys decides to go corrupt and has all the root passwords for your servers. If he goes in and does a rm -rf / your business is completely screwed. If you don't think this is possible then ignorance will lead to failure.