Re: How do I keep Virtural hosts from seeing the others document root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: How do I keep Virtural hosts from seeing the others document root?
From: Jim Walls <jim@xxxxxxxxx>
Date: Sun, 06 Mar 2011 21:58:59 -0800
In-reply-to: <727223221.554789.1299451416838.JavaMail.root@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9

On 3/6/2011 2:43 PM, aaronrus@xxxxxxxxxxx wrote:

I have apache2 running virtual hosts. Ive fingered out how to jail a user that uploads files to the document root using jailkit and only allow SFTP access. What I have not fingered out is how to keep a user from reading other files on the system such as other virtual host document roots by uploading a phpshell which runs under the www-data user which is not jailed.

Maybe I'm not understanding the problem.Â As I understand it, you dont want a user that has ftp access to one of your virtual hosts to be able to have read access to another of the virtual hosts.Â What's the problem?Â As I understand the question, this has everything to do with the security and setup of your ftp server and nothing to do with apache.Â I have this very easily.Â I use Bulletproof FTP server and I can easily allow a user ID whatever access and to whatever directories I want.Â The two virtual servers have completely different document roots.Â Let me give an example:

I have a virtual server that is xyz.org with a root of C:\Program Files\Apache Group\Apache2\htdocs\xyz.org
I have a second virtual server that is abc.info with a root of C:\Program Files\Apache Group\Apache2\htdocs\abc.info

In my ftp server, the user IDs that are there for access to xyz.org have no access above C:\Program Files\Apache Group\Apache2\htdocs\xyz.org and the user IDs that are there for access to abc.info have no access above C:\Program Files\Apache Group\Apache2\htdocs\abc.info

Did I just answer the question or am I completely missing the question?

-- 
73
-------------------------------------
Jim Walls - K6CCC
jim@xxxxxxxxx
Ofc:  818-548-4804
http://members.dslextreme.com/users/k6ccc/
AMSAT Member 32537 - WSWSS Member 395

Follow-Ups:
- Re: How do I keep Virtural hosts from seeing the others document root?
  - From: J. Greenlees

References:
- How do I keep Virtural hosts from seeing the others document root?
  - From: aaronrus

Prev by Date: Re: How do I keep Virtural hosts from seeing the others document root?
Next by Date: Re: How do I keep Virtural hosts from seeing the others document root?
Previous by thread: Re: How do I keep Virtural hosts from seeing the others document root?
Next by thread: Re: How do I keep Virtural hosts from seeing the others document root?
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]