On 29/09/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
no, they only have ftp access, anywayBut they can practically put any executable, or at least, any PHP code, on the server and invoke it, right?So what would prevent them from putting some SSH server and executing it, for instance?
thanks for al
On Wed, September 27, 2006 11:12 am, Howard Lowndes wrote:
> ...but if these are on virtual guests then wouldn't they only affect
> that guest and not any of the others? Sure, it would be a problem for the
> user of that guest but not for the users of other guests.
they're just virtual name hos
On Wed, September 27, 2006 9:07 am, Penedo wrote:
> On 27/09/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
> Jail them - use one of multiple available segregation methods:
>
>
> 1. chroot
> 2. User Mode Linux (UML)
> 3. VMware
> 4. Xen
> 5. Virtuozoo
> 6. Maybe use SE-Linux to limit user's access
This one time, at band camp, Voytek Eymont wrote:
>I have a LAMP server with several vhosts, some of the users now
>install/run their own CMSs, what sort of tools/checks are there I can use
>to attempt to protect the server ? (rather than, as I currently do, relay
>on sheer luck)
What hosting comp
On 27/09/06, Voytek Eymont <[EMAIL PROTECTED]> wrote:
I have a LAMP server with several vhosts, some of the users now
install/run their own CMSs, what sort of tools/checks are there I can use
to attempt to protect the server ? (rather than, as I currently do, relay
on sheer luck)
Jail them - us
I have a LAMP server with several vhosts, some of the users now
install/run their own CMSs, what sort of tools/checks are there I can use
to attempt to protect the server ? (rather than, as I currently do, relay
on sheer luck)
what I recently stumbled across:
a user had phpmyadmin with no access c
