Make the "Import and Migrate" available to domain-owners

In the same manner, as the validation feature was requested on https://virtualmin.com/node/44836, I'd like to request to make Import and Migrate virtual servers to domain owners. I understand that domain-owners can create only sub-domains, however, I don't see any reason why they should not be able to import or migrate in their websites even as sub-servers.

Generally, it would be much easier if you hide SETTINGS like System Settings, Email Messages, System Customization, Addresses and Networking, not sure if domain owners should be able to check disk quotas, but at least you gave them validation. However, all the other purely domain related functions should be available to domain owners.

Status: 
Closed (fixed)

Comments

Joe's picture
Submitted by Joe on Thu, 12/15/2016 - 02:32 Pro Licensee

Import wouldn't be something a non-privileged user should ever use. It brings an existing Apache VirtualHost under control of a Virtuamin user. That would have scary security implications, but it's also something that really should only be used once, when you first install Virtualmin on a system that already has Apache VirtualHosts (it should probably be tucked away somewhere a little less obvious, since it has an uncommon use case).

But, migrate would be very useful. I don't know about the security implications of that, however...it would probably require an audit of the code to make sure it does everything only with privileges of the domain owner, rather than as root. It'd be a potential goldmine for privilege escalation bugs, so it'd need some dev time. (I think it's a great idea, though.)

I didn't think of that kind of implications of Import, thanks for enlightening. Ok, let's leave Import to only the root user, but Migrate is so natural feature to provide to the domain owners. cPanel provides such functionality, so why Virtualmin should be any less?! Especially when the feature is really there, but just limited to root user!

Allowing domain owners to use the Migrate feature would be theoretically possible, but would require some very careful auditing of the cPanel backups being migrated. Otherwise there is a danger that an evil backup could allow the system to be compromised by a domain owner.

I see that Jamie, but frankly speaking I believe that is completely another issue, which should not serve as a justification not to give domain owners possibility to migrate their websites into Virtualmin. Please make the lives of hosting vendors easy and help them delegate as many quite meaningful features down to domain owners.

Security is actually a very important reason to not give someone access to something. We take security seriously, and can't put the safety of the server in the hands of a potentially malicious user.

We'll certainly look into that, but if Jamie thinks there are potential security issues, that means we need to be very careful in how we proceed (if we can proceed at all).

I'll add this to my TODO list, as it's not an unreasonable request. However, it is something that requires work when we can no longer make the assumption that migrated backups can be trusted.

God help me to succeed in something that is, in fact, so obvious - all the major control panels allow regular users migrate their websites.

Pardon me, but that "we take security seriously" sounds soo ... - let me put lightly - irrelevant here! Let hosting vendors, administrators care about security, it's really not your business, guys! Your business is to make things configurable in one or another way and let the hosting vendors decide to give that or another option to the end users or not. You are limiting options way too much and thus keeping your own product behind other control panels. We've developed strong bound towards *min family and using it our default control panel for all of our customers, however, when we hit this kind of self-imposed walls of "caring", but in fact, hurting that comes from your, guys, then I really can't helping myself to start shifting away. So sad...

The ability to migrate domains by resellers and domain owners has been implemented for inclusion in the 5.06 Virtualmin release. The root user will be able to enable it at the plan level, or on the Edit Owner Limits page..

Status: Active ยป Fixed

Excellent Jamie and thank you very much for listening! And Happy New Year!