Security Basics mailing list archives
Re: User folders - Linux
From: Alexander Klimov <alserkli () inbox ru>
Date: Thu, 2 Dec 2004 11:54:26 +0200 (IST)
On Tue, 30 Nov 2004, Rafal Zajac wrote:
I will have there kinds of users: - shell users - users with shell, ftp, www (home pages http/php/mySQL) access - Not trusted users - without shell access but with ftp and www access - anonymous users - access to anonymous ftp (upload and download - uploaded data will be accessible to download only after approval )
Note that if you allow to upload a program (e.g., PHP script) and execute it on a http request this means that effectively you provide "shell access". So, unless you disable CGI and PHP for "not trusted users" there is no point in separating these categories. -- Regards, ASK
Current thread:
- User folders - Linux Rafal Zajac (Dec 01)
- Re: User folders - Linux Alexander Klimov (Dec 02)
- Re: User folders - Linux Asmo (Dec 02)
- Re: User folders - Linux xyberpix (Dec 06)
- <Possible follow-ups>
- User folders - Linux Asmo (Dec 02)
- Re: User folders - Linux Alexander Klimov (Dec 02)