LinkBack URL
About LinkBackscan anyone tell me what does jail shell do and can a user do any damage with a jail shell access?
when i mean damage i refer to damage to other users or the server its self.
also are there any security issues allowing jail shell access.
shell access - jail shell
can anyone tell me what does jail shell do and can a user do any damage with a jail shell access?
when i mean damage i refer to damage to other users or the server its self.
also are there any security issues allowing jail shell access.
1. Jailed shell access tries to restrict a user within their own environment where they can only access their own files and only use a subset of server commands.
2. They can destroy their own files, see 3.
3. In theory no, in practice, if you have a locally exploitable root vulnerability in any of the apps that the user has access to (which is not uncommon), then yes they can wreak havoc on your server.
There is always a risk in providing shell access, which is why most hosting companies do not provide it unless they trust the user. Having said that, with CGI access, a user can do far more damage than they can from within a jailshell anyway.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
Reply With Quote