Security Basics mailing list archives
Re: User folders - Linux
From: "Asmo" <asmodeus () interia pl>
Date: Thu, 2 Dec 2004 10:03:51 -0800
Hi
On Tue, 30 Nov 2004, Rafal Zajac wrote:I will have there kinds of users: - shell users - users with shell, ftp, www (home pages http/php/mySQL) access - Not trusted users - without shell access but with ftp and www access - anonymous users - access to anonymous ftp (upload and download -
uploaded
data will be accessible to download only after approval )Note that if you allow to upload a program (e.g., PHP script) and execute
it on
a http request this means that effectively you provide "shell access". So, unless you disable CGI and PHP for "not trusted users" there is no point
in
separating these categories.
Yes I konow. I forgot to write that "not trusted users" will have no PHP, CGI. My question was only about folder placement. Thank you Rafal ---------------------------------------------------------------------- Ponad 400 tysiecy facetow czeka na Ciebie
http://link.interia.pl/f183a
Current thread:
- User folders - Linux Rafal Zajac (Dec 01)
- Re: User folders - Linux Alexander Klimov (Dec 02)
- Re: User folders - Linux Asmo (Dec 02)
- Re: User folders - Linux xyberpix (Dec 06)
- <Possible follow-ups>
- User folders - Linux Asmo (Dec 02)
- Re: User folders - Linux Alexander Klimov (Dec 02)