Security Basics mailing list archives

Re: User folders - Linux

From: Alexander Klimov <alserkli () inbox ru>
Date: Thu, 2 Dec 2004 11:54:26 +0200 (IST)

On Tue, 30 Nov 2004, Rafal Zajac wrote:

I will have there kinds of users:

- shell users - users with shell, ftp, www (home pages http/php/mySQL)
access

- Not trusted users - without shell access but with ftp and www access

- anonymous users - access to anonymous ftp (upload and download - uploaded
data will be accessible to download only after approval )


Note that if you allow to upload a program (e.g., PHP script) and execute it on
a http request this means that effectively you provide "shell access". So,
unless you disable CGI and PHP for "not trusted users" there is no point in
separating these categories.

-- 
Regards,
ASK

Current thread:

User folders - Linux Rafal Zajac (Dec 01)
- Re: User folders - Linux Alexander Klimov (Dec 02)
  - Re: User folders - Linux Asmo (Dec 02)
- Re: User folders - Linux xyberpix (Dec 06)
- <Possible follow-ups>
- User folders - Linux Asmo (Dec 02)