chroot'ed cgi scripts

phpdeveloper (Verified User, joined Oct 3, 2003, 12 messages)

Hello, I am new to this forum. I just had DirectAdmin installed on my server. I really like it, but it seems like it doesn't deal with the problem of running CGI scripts accessing files outside of the user's home dir, that is, in the chroot'ed environment.

Check this link:

http://www.rohitab.com/cgiscripts/cgitelnet.html#Download

This is a simple Perl script that allows browsing the file system. The user will have access to everywhere he would be allowed access using SSH. So even if SSH access is not allowed, they can still install that script on the server and do what they need to. On the one hand that's good, if you have users you can trust, but on the other hand, you never know. ENSIM Pro deals with this issue. CPanel doesn't. It would be good if DA could install a patched version of Apache that would check the user's id and not let them go any higher than their home dir. Apart from that, I find DA the most exciting discovery I made in the last few months :)


PS: there are discussions on this here:
http://forum.rackshack.net/showthread.php?s=&threadid=6512&highlight=chrooted+cgi+suexec

and here:

http://forum.rackshack.net/showthread.php?s=&threadid=6024
 
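A defender's audit of the exposure described in the post above, added here as an example and not part of the original thread: it lists files outside an account's home directory that a CGI process running as that account could read under plain Unix permission bits. The account names, paths and helper names are hypothetical, the sample tree is constructed, and ACLs are ignored.

```python
import os, stat, tempfile

def _allowed(st, uid, gids, u_bit, g_bit, o_bit):
    # Classic Unix rule: owner bits, else group bits, else other bits (ACLs ignored).
    if st.st_uid == uid:
        return bool(st.st_mode & u_bit)
    if st.st_gid in gids:
        return bool(st.st_mode & g_bit)
    return bool(st.st_mode & o_bit)

def can_read(st, uid, gids):
    return _allowed(st, uid, gids, stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH)

def can_enter(st, uid, gids):
    return _allowed(st, uid, gids, stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH)

def exposed_files(root, home, uid, gids):
    """Regular files under root, outside home, readable by a process running as uid.
    Assumes root is reachable; files in x-only directories are not enumerated."""
    root, home = os.path.realpath(root), os.path.realpath(home)
    found, stack = [], [root]
    while stack:
        for entry in os.scandir(stack.pop()):
            if entry.path == home:
                continue  # the account's own files are expected to be readable
            st = entry.stat(follow_symlinks=False)  # symlinks are not followed
            if stat.S_ISDIR(st.st_mode):
                if can_read(st, uid, gids) and can_enter(st, uid, gids):
                    stack.append(entry.path)
            elif stat.S_ISREG(st.st_mode) and can_read(st, uid, gids):
                found.append(os.path.relpath(entry.path, root))
    return sorted(found)

def build_demo_tree():
    """Constructed sample layout (hypothetical names), owned by the current user."""
    root = tempfile.mkdtemp()
    files = {"home/alice/public_html/index.cgi": 0o755,
             "home/bob/public_html/config.php": 0o644,  # world-readable
             "home/bob/private/db.key": 0o600,
             "etc/app.conf": 0o644}
    for rel, mode in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
        os.chmod(path, mode)
    for dirpath, _, _ in os.walk(root):
        os.chmod(dirpath, 0o755)  # fixed modes so the result ignores the umask
    os.chmod(os.path.join(root, "home/bob/private"), 0o700)
    return root
```

Run as root against a real server, `exposed_files("/", "/home/<account>", uid, gids)` gives the list of files whose modes need tightening before that account's CGI scripts are treated as confined.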