The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

JailShell Access

Discussion in 'General Discussion' started by ic0de, Mar 10, 2010.

  1. ic0de

    ic0de Registered

    Joined:
    Mar 10, 2010
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    I would like to restrict some of the commands that are allowed in the jailshell + some of the directory. Can someone help me with it? atm anyone who has jailshell can view edit /etc/passwd file also. hence i wanna fix thing in my server. any help appreciated.

    Thanks
     
  2. garrettp

    garrettp Well-Known Member
    PartnerNOC

    Joined:
    Jun 18, 2004
    Messages:
    312
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    If non-root users have access to modify /etc/passwd you've got some larger problems on your hands. That file should have 0644 root:root permissions, meaning normal users will have read-only access. Further, /etc/shadow for instance should be 0600 root:root.

    If you're really worried about your users doing malicious things, it's best to not give them shell access at all; even a jailshell can be broken out of.
     
Loading...

Share This Page