On Thu, Oct 27, 2005 at 11:04:34PM -0400, Steve Dondley wrote:
> I'm setting up a server that will host many web sites on my Debian
> Sarge machine. Each site will be administered by a different user.
> Each site will give users SFTP access, access to the cgi-bin, and to
> PHP (with mod_php installed). I'm not very worried about my users
> doing anything malicious. However, if a hacker ever obtained a
> password from one of my users, they'd essentially have free reign on
> my server to run any kind of perl/php script they wanted.
>
If the server is beefy enough, consider using libapache{,2}-mod-suphp.
IIRC, it requires that PHP be run as a CGI instead of a mod, hence the
performance hit, but it is much more secure where you cannot control the
scripts written by your users. Also, consider setting low resource
limits on PHP scripts.> So assuming a hacker did get access to a user's web space, what can I > do to limit the damage? I'm having trouble tracking down a document > that will give me a good overview some basic precautions. Here's some > specific questions: > Two packages you will want to consider: rssh - Restricted shell allowing only scp, sftp, cvs, rsync and/or rdist scponly - Restricts the commands available to scp- and sftp-users > Must I abandon mod_php? Is fastcgi the way to go? > If permissions on my files are set properly, is it really necessary to > chroot apache? > What's this v-host (virtual host?) someone mentioned to me? Is this > like giving each user their own chrooted apache server environment? > I use webmin to help create sites quickly and easily. Must I abandon it? > Unfortunately, the rest is beyond my expertise. Maybe others can help. -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto
pgpaJXI8P4v8h.pgp
Description: PGP signature
