David Ricar wrote:
Hello,
~snip~
So my concept is based on two basic users for every website - one for
ftp and another for suexec run. Homedir of both is one level above any
website data and it is owned by root, ftp is chrooted there. If suexec
would be able to just check if code is in users homedir, I'd have what I
need. This way, I could limit where the web is able to rewrite itself -
make it as safe as possible with dynamic pages.
I believe the standard method of doing this to completely lock the
server from allowing a file system traversal to another client's website
is chroot. /home/username being the top level for everything as far as
they are concerned.
I have seen on multiple hosting services where there is a "system" in
/home/username and nothing above it at all, yet it's identified as
/home/username.
This tells me they are using chroot for even httpd, with the minimal
system needed for the services to run properly copied into the userdir.
This makes the PRIMARY login the suexec user. extra logins [ such as for
ftp access ] do not have suexec access at all. and only the primary
login is not in a chroot ftp login stopping even getting into
/home/username.
if you want to allow multiple logins to traverse the accounts entire
directory tree, you are allowing a hole in security anyway. the only fix
is to have it only writable by the owner, none of the other ftp logins
can write anywhere but in the ftp folder.
Jaqui
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
