Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Shell Access Dangerous?

Discussion in 'General Discussion' started by Omar, Aug 6, 2002.

  1. Omar

    Omar Well-Known Member

    Jul 30, 2002
    Likes Received:
    Trophy Points:
    Is there any way to 'limit' what people can do with shell access?

    I logged in to one of my own accounts with shell access, and I was able to look in other user's directories and see the other system directories and partitions.

    When I had shared hosting, I couldn't even run the TOP command with my shell access. And that host was using WHM/CPanel too.

    Anyway to lock-down shell access a bit?


    - Omar
  2. cass

    cass Well-Known Member

    Jul 17, 2002
    Likes Received:
    Trophy Points:
    Yes... I'm interesed in that too...
    I know that the best (or maybe near) way to do this is with chroot ... so chrooting any user in its own celd ...

    I needed to do a lot of chmod's to make things not viewable from all to all users... you know...

    for example :
    /home .............................. drwxr-x--x
    /home/someuser ............ drwx--x--x

    as you know... someone can &guess& that there is a public_html dir .... so can cd /home/someuser/public_html and then... see all contents on it... BUT... I recomend users to...
    /home/someuser/public_html ........ drwxr-xr--

    and then ... chgrp the dir to nobody (or the user running apache)
    this way noone but the user & apache can read this dir or you'll get a 503 error or somethign from web if you chmod but not chgrp.

    Anyway... some guru there can tech us on how to make this the better way ?

    Carlos Ariel Sepúlveda.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice