Hello
Today i see in /home dir virtfs i read many post that i couldnt delete it, but i dont know why I see that directory, because all users on cpanel have shell disabled. Today i see thise directory and /home/virtfs/username thise username i check in cpanel have shell disabled.
Its some seciurity BUG?
Maybe i should disable something in system? (centos 4.4)
Please help me (compilers also disabled in cPanel for all users)
I check it and i see that /home/virtfs/user created when user login to the FTP over SFTP.... I dont understand it
I go to /etc/sshd_config and see:
Subsystem sftp /usr/libexec/openssh/sftp-server
I do
#Subsystem sftp /usr/libexec/openssh/sftp-server
and restart SSH but i still cant login to SFTP, it is some seciurity hole because i can edit system files from SFTP (logs, etc files)
I see that i have option to delete /home/virtfs, i reboot the system and all catalogs in /home/virtfs/user/ was empty, only catalog etc has files, but i think that i can change file name on real /etc/ delete file from /home/virtfs/user/etc/file and rename file to the original in /etc/..
Only way to stop this is disable SSH port example on APF and add to /etc/apf/allow_hosts.rules my home IP adress to only from that one ip ssh alow login?
Today i see in /home dir virtfs i read many post that i couldnt delete it, but i dont know why I see that directory, because all users on cpanel have shell disabled. Today i see thise directory and /home/virtfs/username thise username i check in cpanel have shell disabled.
Its some seciurity BUG?
Maybe i should disable something in system? (centos 4.4)
Please help me (compilers also disabled in cPanel for all users)
I check it and i see that /home/virtfs/user created when user login to the FTP over SFTP.... I dont understand it
I go to /etc/sshd_config and see:
Subsystem sftp /usr/libexec/openssh/sftp-server
I do
#Subsystem sftp /usr/libexec/openssh/sftp-server
and restart SSH but i still cant login to SFTP, it is some seciurity hole because i can edit system files from SFTP (logs, etc files)
I see that i have option to delete /home/virtfs, i reboot the system and all catalogs in /home/virtfs/user/ was empty, only catalog etc has files, but i think that i can change file name on real /etc/ delete file from /home/virtfs/user/etc/file and rename file to the original in /etc/..
Only way to stop this is disable SSH port example on APF and add to /etc/apf/allow_hosts.rules my home IP adress to only from that one ip ssh alow login?
Last edited:
