The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Shell Access Dangerous?

Discussion in 'General Discussion' started by Omar, Aug 6, 2002.

  1. Omar

    Omar Well-Known Member

    Joined:
    Jul 30, 2002
    Messages:
    82
    Likes Received:
    0
    Trophy Points:
    6
    Is there any way to 'limit' what people can do with shell access?

    I logged in to one of my own accounts with shell access, and I was able to look in other user's directories and see the other system directories and partitions.

    When I had shared hosting, I couldn't even run the TOP command with my shell access. And that host was using WHM/CPanel too.

    Anyway to lock-down shell access a bit?

    Thanks

    - Omar
     
  2. cass

    cass Well-Known Member

    Joined:
    Jul 17, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Argentina/USA/Mexico
    Yes... I'm interesed in that too...
    I know that the best (or maybe near) way to do this is with chroot ... so chrooting any user in its own celd ...

    I needed to do a lot of chmod's to make things not viewable from all to all users... you know...

    for example :
    /home .............................. drwxr-x--x
    /home/someuser ............ drwx--x--x

    as you know... someone can &guess& that there is a public_html dir .... so can cd /home/someuser/public_html and then... see all contents on it... BUT... I recomend users to...
    /home/someuser/public_html ........ drwxr-xr--

    and then ... chgrp the dir to nobody (or the user running apache)
    this way noone but the user & apache can read this dir or you'll get a 503 error or somethign from web if you chmod but not chgrp.

    Anyway... some guru there can tech us on how to make this the better way ?

    Regards.
    Carlos Ariel Sepúlveda.
     
Loading...

Share This Page