Hmmmmm.....
When you've logged into the shell you're stuck with linux or unix rights and permissions.
The only way I can think of to do it would be to make the reseller a member of each user's group.
And set up each group with write rights to files and directories.
But then httpd (apache) couldn't read (or in the case of php, write) any of the files unless it was also a member of the group.
And then anyone who knows how could write their own php program, running on the server, but from their own desktop, to completely delete the sites.
Not a pretty picture.
Once SELinux becomes properly supported by Linux distributions (RHEL is getting there but it's not fully there yet; I don't know how well the others support it), then DA could be rewritten to support SELinux in such a way to do it, but it would be a lot of rewriting and experimenting; I don't see it happening any time soon.
Does anyone know if something similar exists or is being worked on for FreeBSD?
Jeff
