Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: ftp upload, was Re: vsftpd and ~/public_html: msg#00121
|
Subject: |
Re: ftp upload, was Re: vsftpd and ~/public_html |
gnu not unix wrote:
[y4kk0@X ~]$ ls -Zd public_html/
drwxrwxrwx y4kk0 users system_u:object_r:httpd_user_content_t
public_html/
[y4kk0@X ~]$
selinux-policy-targeted-1.25.4-10
system: Fedora Core 4
Maybe default policy should allow ftp server to enter this directory
so users would be able to upload their WWW stuff via ftp?
Sounds reasonable, I will add it.
Ouch, this seems like opening up an attack vector to me.
Shouldn't ftp *upload* be to a write-only "holding cell"
at least?
../Steven
This is only for ftp being allowed to modify users homedirs. If the
user sets boolean
ftp_home_dir then the user can modify and read most contents of the
users home dir. This just adds public_html. If you want to protect the
users home dir from ftp, I would not turn on that boolean. Without this
change a hacker could put something in the .bashrc or other startup
files and next time the real user logs in it would manipulate the
public_html directory.
--
|
| |
