I have a security concern. Thanks in advance and appreciate for any hints.
I implement multiple grav packages in different sub-levels of the same website. For example, site.com/foo and site.com/bar. The way I understand, there are 4 roles:
Implementer: Me, who has owner privilege of the web server.
Grav Admin User: Who configs the pages (back end and/or content).
Page User: Who edits the content of pages. (front end admin?)
Reader: Who browses the pages.
Questions:
Can an admin user have access to CLI or GPM, chmod, chown …
The CLI access is totally independent from the web-based access, it’s a server-level (operating system) configuration, Grav is not in the equation here.
So, only users with SSH access to the server will be able to operate CLI operations.
The 2 sites, if installed in separate subfolders (one in your-web-root/foo, another one in your-web-root/bar), will be separate. An Admin of Foo won’t see the pages and data of Bar. But they will have the same web server user, so they will share the permissions, so if a plugin is installed that reads under Bar, it’s possible to be installed in Foo and there won’t be any security measure to prevent it.
They would need a separate server account, just like what happens for shared hosting servers, where you cannot see / access other websites living on the same server.