Results 1 to 2 of 2

Thread: jailed shell access - how does it differ from normal shell?

  1. #1
    Member
    Join Date
    Mar 2002
    Posts
    454

    Default jailed shell access - how does it differ from normal shell?

    Hi All,

    Please can someone define the difference between jailed shell access and normal shell access? Educated guess is that jailed shell access is more restrictive/secure than normal, but I'd like to have the differences spelled out to me for future reference. WHM documentation was about as useful on the subject as a chocolate fire guard. :-)
    • Web Design Perth .:. Itomic Business Website Solutions of Perth, Western Australia

  2. #2
    Super Moderator This forum account has been confirmed by cPanel staff to represent a vendor. chirpy's Avatar
    Join Date
    Jun 2002
    Location
    Go on, have a guess
    Posts
    13,496

    Default

    That's about it in a nutshell. The purpose of a jailed shell environment is to offer a shell user a limited and restrictive environment within which they can perform whatever functions they want. The idea being that they can only do so much damage if they are restricted to the binaries and libraries provided

    A normal shell environment gives a user full access to whatever the file system and server environment will allow for the user. It can expose your server to greater vulnerability because most binaries and libraries are available to user accounts.

    Here's my suggestions:

    1. Don't feel a false sense of security by disabling all shell accounts or by using jailed shell accounts. They do slow nefarious people down, but they aren't a panacea and breaking out of them can be trivial. You're also probably offering greater access through CGI access anyway.

    2. Just see it is one layer in a while raft of security measures.

    3. Treat them (jailed shells) as a way to prevent users doing any more accidental damage than they might with a full shell account.

    Most hosts these days either don't give shell access of any kind, or do so only on request for short periods of time, which they monitor. But do consider my point about CGI access being just as risky anyway.
    Jonathan Michaelson

    Need your cPanel servers secured and tuned?
    cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
    Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
    http://www.configserver.com

Similar Threads

  1. Limit Resellers to allowing at most: Jailed Shell SSH access
    By RisingHost in forum Feature Requests for cPanel & WHM
    Replies: 15
    Last Post: 06-08-2012, 09:14 AM
  2. Mac User - Jailed Shell Access Trouble
    By Selena in forum New User Questions
    Replies: 2
    Last Post: 02-06-2010, 11:40 PM
  3. Sorry, the shell, Enable Normal Shell does not exist!
    By 4u123 in forum cPanel & WHM Discussions
    Replies: 4
    Last Post: 06-15-2007, 07:05 AM
  4. Limit Resellers to allowing at most: Jailed Shell SSH access
    By RisingHost in forum cPanel & WHM Discussions
    Replies: 12
    Last Post: 10-18-2004, 12:03 PM
  5. Normal Shell and Jail Shell?
    By JustinS in forum cPanel & WHM Discussions
    Replies: 0
    Last Post: 04-27-2003, 05:00 PM