Can a user without root/su break my server?

littleguy Member
edited June 2012 in General

I am running some web sites off a server (apache/mysql) and thought I'd let a friend host some sites too by creating a vhost inside his home dir.

My question is - can he break or break into anything if he doesn't have root/su? Stuff like deleting necessary files, reading sensitive data etc.

Running CentOS 6.

Comments

  • MrDOS Member
    edited June 2012

    The simple, stupid answer: yes, if any system files have mode o+w or his account is a member of any groups that system files are owned by.

    The slightly better one: he shouldn't be able to, if you didn't add his account to any supplemental groups, and haven't blindly chmod 0777'd anything.
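
The check MrDOS describes in the reply above, as an added example that is not part of the original thread: a shell function that lists paths that are world-writable, or group-writable for a given set of group IDs. It assumes GNU find (as shipped with CentOS 6); the account name `friend` in the usage comment is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: list paths under a tree that a non-root account could modify
# through the two routes named above: mode o+w, or group write permission for
# a group the account belongs to. Requires GNU find (-printf).

# audit_writable ROOT [GID...]
# Prints one "reason<TAB>path" line per finding, sorted.
audit_writable() {
    local root=$1 gid
    shift
    {
        # World-writable regular files (symlinks are skipped by -type f).
        find "$root" -xdev -type f -perm -0002 -printf 'o+w\t%p\n'
        # World-writable directories without the sticky bit; sticky ones
        # such as /tmp are expected to be o+w and are not reported.
        find "$root" -xdev -type d -perm -0002 ! -perm -1000 -printf 'o+w\t%p\n'
        # Group-writable files and directories owned by each supplied group.
        for gid in "$@"; do
            find "$root" -xdev \( -type f -o -type d \) -gid "$gid" \
                -perm -0020 -printf "g+w(gid=$gid)\t%p\n"
        done
    } 2>/dev/null | sort
}

# Usage on a real host, run as root so every directory can be traversed.
# "friend" is a hypothetical account name:
#   audit_writable / $(id -G friend)
```

Passing the output of `id -G` covers the primary group and every supplemental group of the account, which is the membership the reply warns about.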

  • Maounique Host Rep, Veteran

    Probably not unless he is good. I would suggest some kind of hosting panel, give him a reseller account and things are solved.
    M

  • Keep in mind that he'll have access to more than just his own account; any web script he runs will be using the www-data account (or CentOS equiv), and can essentially access anything else that account has permissions for (such as... all of the other sites you host).

    Thanked by 1 marrco
  • littleguy Member
    edited June 2012

    @Aldryic: That's a very good point, I assume PHP will be able to for example read all my config files?

    Aside from getting a dedicated control panel, (I already run 20+ sites off this vhost config, don't want to migrate) is there any other way of making this kind of multi-user setup work with just "vanilla linux"?

  • MrDOS Member

    @littleguy said: is there any other way of making this kind of multi-user setup work with just "vanilla linux"?

    Not entirely vanilla, but mod_ruid2 is the greatest thing ever for handling ownership of Apache processes. I'm not exactly sure how you'd set it up on CentOS (my preference is Debian), but you'll need the Apache and libcap development packages (apache2-threaded-dev and libcap-dev on Debian).

  • raindog308 Administrator, Veteran

    You could give him a chrooted shell.

    Actually, if he wants to just host a web site, he probably doesn't need a shell at all - just give him FTP access. Lots of big shared hosting companies don't provide shell access.

  • @littleguy said: @Aldryic: That's a very good point, I assume PHP will be able to for example read all my config files?

    Yes and no. In a basic setup, he would be able to use php to access/modify any other file that www-data has permissions for (config.php yes, /etc/ssh/sshd_config no). Your best bet is a cpanel-like solution, or taking @MrDOS's and @raindog308's advice on restrictions.

  • MrDOS Member

    He probably doesn't need a shell, but you probably don't want to run an FTPd – it's an archaic, insecure protocol. rssh is an alternative shell that permits access only to your choice of scp, rsync, and a few other protocols. Because it's a shell, it's assigned on a per-user basis so it won't interfere with your account.

  • raindog308 Administrator, Veteran

    Or sftpd, which is part of the openssh suite.

  • @littleguy said: I am running some web sites off a server (apache/mysql) and thought I'd let a friend host some sites too by creating a vhost inside his home dir.

    My question is - can he break or break into anything if he doesn't have root/su? Stuff like deleting necessary files, reading sensitive data etc.

    First thing you should do is find better friends....

    Running CentOS 6.

    This is absolutely useless advice in your case, but if you were running php-fpm you could simply create a new pool for him, so that his php processes ran as a different user, like 'www-somebody', and then couldn't write-access anything owned by the 'www-data' user.

  • MrDOS Member

    @raindog308 said: Or sftpd, which is part of the openssh suite.

    You can use sftpd as the login shell?
