I have apache2 running virtual hosts. Ive fingered out how to jail a user that
uploads files to the document root using jailkit and only allow SFTP access.
What I have not fingered out is how to keep a user from reading other files on
the system such as other virtual host document roots by
On March 6, 2011 17:43 , aaron...@comcast.net wrote:
I have apache2 running virtual hosts. Ive fingered out how to jail a
user that uploads files to the document root using jailkit and only
allow SFTP access. What I have not fingered out is how to keep a user
from reading other files on the
On Sun, 6 Mar 2011 22:43:36 + (UTC)
aaron...@comcast.net wrote:
I could jail the www-data account but this would not prevent one virtual host
from seeing another using a phpshell since they would be in the same jail.
Yep. Virtualhosts aren't designed for that level of security.
You
I'm running Apache/2.2.12 (Ubuntu) Server. I thought I was running a separate
instance of httpd by having Listen configured twice in the ports.conf file. see
below.
I have two IP virtual hosts setup in the site-available
VirtualHost 192.168.253.250:80
ServerAdmin webmaster@localhost
On 3/6/2011 2:43 PM, aaron...@comcast.net wrote:
I have apache2 running virtual hosts. Ive fingered out how to jail a
user that uploads files to the document root using jailkit and only
allow SFTP access. What I have not fingered out is how to keep a user
from reading other files on the system
Jim Walls wrote:
~snip~
Did I just answer the question or am I completely missing the question?
and with no ftp server installed you can point a web bowser to
ftp://xyz.com and httpd will allow ftp protocol read access.
to stop that you need to do as earlier posters described.