The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help!! Security Issue?

Discussion in 'Security' started by SetLar8, Apr 27, 2006.

  1. SetLar8

    SetLar8 Well-Known Member

    Joined:
    Mar 5, 2004
    Messages:
    60
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    When i enable SSH access to a client on cpanel, if the user accesses SSH via Putty then they can browse to every directory on the server.

    The only directory thay cannot browse is /home.

    How can i restrict them to only seeing their user directory within the home directory?

    Thanks.
     
  2. HostMerit

    HostMerit Well-Known Member

    Joined:
    Oct 24, 2004
    Messages:
    160
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Jersey, USA
    cPanel Access Level:
    DataCenter Provider
    Have you enabled jail shell?

    Regardless of them being able to view the structure, they shouldn't be able to modify any files.

    Case in point, restrict access to SSH, charge 20.00 (so only those who need will ask for it), and require a scanned ID before enabling it. At least thats what I do...
     
  3. DalQuest

    DalQuest Member

    Joined:
    Sep 22, 2004
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    Are you sure what they are seeing is actually the system file structure and not the jailshell chrooted file structure (i.e. /home/virtfs/%USERNAME%/)

    When I ssh into my server with a non-priv account, I see this file structure...

    ./ ../ bin/ checkvirtfs* dev/ etc/ home/ lib/ proc/ tmp/ usr/ var/

    This is not the system root file structure but a psuedo one.
     
Loading...

Share This Page