The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

shell access - jail shell

Discussion in 'General Discussion' started by ctbhost, Jan 27, 2005.

  1. ctbhost

    ctbhost Well-Known Member

    Joined:
    May 31, 2002
    Messages:
    139
    Likes Received:
    0
    Trophy Points:
    16
    can anyone tell me what does jail shell do and can a user do any damage with a jail shell access?

    when i mean damage i refer to damage to other users or the server its self.

    also are there any security issues allowing jail shell access.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    1. Jailed shell access tries to restrict a user within their own environment where they can only access their own files and only use a subset of server commands.

    2. They can destroy their own files, see 3.

    3. In theory no, in practice, if you have a locally exploitable root vulnerability in any of the apps that the user has access to (which is not uncommon), then yes they can wreak havoc on your server.

    There is always a risk in providing shell access, which is why most hosting companies do not provide it unless they trust the user. Having said that, with CGI access, a user can do far more damage than they can from within a jailshell anyway.
     
Loading...

Share This Page