Hello, I saw this topic, and I had a question.
For example, if I have an admin with the domain admindomain.com and I enable a new user (user1) to create user1.admindomain.com subdomain in their account, if this subdomain is infected by something, it will be more likely to affect the account where is the main admin domain (admindomain.com)?
To make it clearer, would this subdomain (user1.admindomain.com), if infected, be more likely to affect my admin’s account (admindomain.com) than if my user1’s domain was, for example, user1.anotherdomain.com ?
In your link https://hestiacp.com/docs/server-administration/configuration.html#what-does-the-enforce-subdomain-ownership-policy-mean I read this: “this could cause security issues and therefor we have decided to add a policy to control this behavior.”
So I was left with this doubt, what the security problems would be.
If not this problem, what would be the specific problems?