Home page logo

basics logo Security Basics mailing list archives

Re: User folders - Linux
From: Alexander Klimov <alserkli () inbox ru>
Date: Thu, 2 Dec 2004 11:54:26 +0200 (IST)

On Tue, 30 Nov 2004, Rafal Zajac wrote:
I will have there kinds of users:

- shell users - users with shell, ftp, www (home pages http/php/mySQL)

- Not trusted users - without shell access but with ftp and www access

- anonymous users - access to anonymous ftp (upload and download - uploaded
data will be accessible to download only after approval )

Note that if you allow to upload a program (e.g., PHP script) and execute it on
a http request this means that effectively you provide "shell access". So,
unless you disable CGI and PHP for "not trusted users" there is no point in
separating these categories.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]