IntroductionIntroduction
  InstallingInstalling
  HandlingHandling
  Virtual serversVirtual servers
  ModulesModules
  FilesystemsFilesystems
  RXML tagsRXML tags
  GraphicsGraphics
  ProxyProxy
  Miscellaneous modulesMiscellaneous modules
  Security considerationsSecurity considerations
    <Challenger user>Challenger user<Challenger user>Challenger user
    <Restricted pages>Restricted pages<Restricted pages>Restricted pages
    <Trust levels>Trust levels<Trust levels>Trust levels
  ScriptingScripting
  DatabasesDatabases
  LDAPLDAP
  FrontPageFrontPage
  UpgradingUpgrading
  Third party extensionsThird party extensions
  PortabilityPortability
  Reporting bugsReporting bugs
  AppendixAppendix
 
Trust levels

Trustlevels are a system that can be used to limit access to certain modules depending on where the file originates. It can be used to give trusted persons access to potentially hazardous modules like the CGI executable support module or the SQL-module.

Trustlevels work by setting the Builtin variables/Security: Security level variable of modules.

A request is initially assigned a trust level equal to the security level of the filesystem module from which it originates.

The request will only be able to pass through modules with an equal or lower security level than the request's trust level. Modules that has a higher security level will be ignored, like they were not even enabled.

If the request passes through a module with a lower security level than the request's trust level, the trust level will be lowered to the security level. If the request tries to pass through additional modules it will use the lowered trust level.

Example

CGI executable support - trust level 1
Pike tag - trust level 1
Filesystem - trust level 1
User Filesystem - trust level 0
The Filesystem module can contain CGI scripts or pages using the <pike> tags. We can assume that only trusted users can write files that are handled by this module.

User home pages, that are handled by the User Filesystem module may not, on the other hand, contain CGI scripts nor use the <pike> tag.