Re: suexec for another user


 



David Ricar wrote:
> Hello,
~snip~
> So my concept is based on two basic users for every website - one for ftp and another for suexec run. Homedir of both is one level above any website data and it is owned by root, ftp is chrooted there. If suexec would be able to just check if code is in users homedir, I'd have what I need. This way, I could limit where the web is able to rewrite itself - make it as safe as possible with dynamic pages.

I believe the standard method of doing this, to completely lock the server from allowing a file system traversal to another client's website, is chroot, /home/username being the top level for everything as far as they are concerned.

I have seen on multiple hosting services where there is a "system" in /home/username and nothing above it at all, yet it's identified as /home/username. This tells me they are using chroot for even httpd, with the minimal system needed for the services to run properly copied into the userdir.

This makes the PRIMARY login the suexec user. Extra logins [such as for ftp access] do not have suexec access at all, and only the primary login is not in a chroot ftp login stopping even getting into /home/username.

If you want to allow multiple logins to traverse the account's entire directory tree, you are allowing a hole in security anyway. The only fix is to have it only writable by the owner; none of the other ftp logins can write anywhere but in the ftp folder.

Jaqui

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
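
The ownership rule from the reply above, as an added example that is not part of the original message or of Apache httpd: a shell check that lists anything in an account tree, outside the upload folder, that is not owned by the primary (suexec) login or is writable by group or other. The account root, the upload folder name and the owning login are arguments and are assumptions about the layout, including that the account root itself belongs to the primary login.

```shell
#!/bin/sh
# Added example: audit one hosting account tree for the rule
# "only writable by the owner, other ftp logins write only in the ftp folder".
# Assumed (hypothetical) arguments:
#   $1  account root, e.g. /home/username
#   $2  name of the upload folder directly inside it, e.g. ftp
#   $3  primary (suexec) login, by name or numeric uid

audit_account_tree() {
    root=$1 ftpdir=$2 owner=$3
    # Prune the upload folder, skip symlinks (their mode bits are
    # meaningless), then print every remaining path that is owned by
    # someone else or is group- or world-writable.
    find "$root" -path "$root/$ftpdir" -prune -o \
        ! -type l \
        \( ! -user "$owner" -o -perm -020 -o -perm -002 \) -print
}

# Return 0 when the tree is clean; print the findings and return 1 otherwise.
check_account_tree() {
    findings=$(audit_account_tree "$1" "$2" "$3")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```

A path reported here is one that a secondary ftp login or another account's scripts could modify, so it is where the web content can be rewritten from outside the suexec user.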


