Hello suse-security List Members, Our SuSE box users want to have their own virtual www-servers. I've set up ProFTPD with chroot to user's home directory. The probable setup for the www will be using /home/<user>/www/ structure, where I intend to put a small config file (included into main apache config) and the log files will be there too. Will I face any security issues with such a setup? Are there any other approaches? -- Best regards, Boris mailto:kimel@1303.ru
Cool. Can I buy an account? hint: server side includes, suexec...... Really
really bad idea to let users modify a config for something that starts life
running as root. Plus I could "steal" other user's sites possibly, break the
config, etc. Keep the conf files in a location only you can modify (why the
heck would you let users modify their stuff anyways?).
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
----- Original Message -----
From: "Boris Kimel"
Hello suse-security List Members,
Our SuSE box users want to have their own virtual www-servers. I've set up ProFTPD with chroot to user's home directory. The probable setup for the www will be using /home/<user>/www/ structure, where I intend to put a small config file (included into main apache config) and the log files will be there too. Will I face any security issues with such a setup? Are there any other approaches?
-- Best regards, Boris mailto:kimel@1303.ru
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hello Kurt, Friday, February 01, 2002, 10:44:05 AM, you wrote: KS> Cool. Can I buy an account? hint: server side includes, suexec...... Really KS> really bad idea to let users modify a config for something that starts life KS> running as root. Plus I could "steal" other user's sites possibly, break the KS> config, etc. Keep the conf files in a location only you can modify (why the KS> heck would you let users modify their stuff anyways?). Ok. I meant a couple of "smart" users from whom I don't expect anything weird. Anyway, I'l get tired pretty soon if they'll call me to change their configs. Yes, breaking the config is quite simple, but it looks like the only virtual config is broken, i.e. the one containing errors. And I don't want users to see other sites, esp. the 'main' one, and can see no way for a user to do it. Still most probably I'll try to keep all configs by myself and let the users bother me. Thanks. -- Best regards, Boris mailto:kimel@1303.ru P.S. Accounts are for free. They're intended for some teens who'd like to learn something.
You'll also get tired hunting down typo's in their config that break sites or maybe prevent apache from loading. Kurt Seifried, kurt@seifried.org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/
Ok. I meant a couple of "smart" users from whom I don't expect anything weird. Anyway, I'l get tired pretty soon if they'll call me to change their configs. Yes, breaking the config is quite simple, but it looks like the only virtual config is broken, i.e. the one containing errors. And I don't want users to see other sites, esp. the 'main' one, and can see no way for a user to do it.
Still most probably I'll try to keep all configs by myself and let the users bother me. Thanks.
-- Best regards, Boris mailto:kimel@1303.ru
P.S. Accounts are for free. They're intended for some teens who'd like to learn something.
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
On Friday 01 February 2002 07:44, Kurt Seifried wrote:
Cool. Can I buy an account? hint: server side includes, suexec...... Really really bad idea to let users modify a config for something that starts life running as root. Plus I could "steal" other user's sites possibly, break
Agreed, so why not let them have their config file, and just assign a port to them, to run their own copy of Apache which they start themselves.
the config, etc. Keep the conf files in a location only you can modify (why the heck would you let users modify their stuff anyways?).
Well I had web developer types, and they had this strange idea, that they needed to hack config files for stuff, in order to do work. Using the user owned httpd process at least meant they didn't have access to root password, or the account through more devious means. Rob
participants (3)
-
Boris Kimel -
Kurt Seifried -
Robert Davies