[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Privacy?

Subject: Re: [cobalt-users] Privacy?
From: "Marc Gear" <marcg@xxxxxxxxxxxxxx>
Date: Tue Apr 10 06:09:06 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> Now, when they telnet in, and goto /home/sites they can access ALL files
of
> any other domain hosted on the server,
> how do I prevent them from doing this?
> I respect the privacy of my customers and I DO NOT WANT OTHERS TO ACCESS
> THEIR FILES (sorry for the caps :P)

THERE IS NO WAY OF PREVENTING THIS
oh... sorry about the caps.

Telnet wont run chrooted. you'd have to have hard links to all the binaries
in a sort of copy of the / directory for that to work properly - and thats
an awful lot of customers quota for shit like that, and far far more hassle
than it is ever worth

It is really down to your customers to set the permissions for thier files
correctly if they do not wish to be viewable to the world.  They should bear
in mind that the web directory and the files in it have to be world
read-executable and world readable for them to work correctly as apache
reads them as the user 'nobody'

the moment you give your customers telnet access they should be responsible
for the permissions on thier files, not you.
--
/\/\ a R (

References:
- [cobalt-users] Privacy?
  - From: Leslie Herps

Prev by Date: Re: [cobalt-users] How to preven http://someuser.com/admin
Next by Date: RE: [cobalt-users] Cobalt Racks Question
Previous by thread: Re: [cobalt-users] Privacy?
Next by thread: RE: [cobalt-users] Privacy?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index