On 7/14/05, DI Peter Burgstaller <[EMAIL PROTECTED]> wrote: > I'm using AIDE and am very happy with it.
Thanks I'll look into it. > > 2) Apache & or cgi-bins I use, where the cause of my closest to being > > compromised situations. If I set-up Apache, PHP, cgis, etc in a > > chroot jail, how can I still provide and /~username/ type set-up, as I > > have at least 2 situations where I rely heavily on that? As near as I > > can tell this is not covered in any of the Apache chroot information > > I've read. > I don't really see the problem with /~username/ in a chroot > environment. You can > loopback mount if you need those homes somewhere else as well. Well.. Currently if I add a user, say user1... He gest an public_html directory added to his /home/user1 directory. If he set-up an index file of some kind in that directory the url http://myserver/~user1/ gives him that index file... How could I still provide ~/public_html directory in users 'home' and still have Apache serve it up from a chroot? > > 3) I'd like to provide some limited SFTP (SSH FTP) mechanisms for > > select individuals, for these I would really like to do away with the > > shell, but I haven't found away, how can I provide an shell-less SFTP > > or severely restricted SFTP service for these people? > > If you already have apache on that machine, why not run webdav on > apache-ssl and you won't need shell accounts Hmm... I'll have to think about that... However SSH is the main way that I admin my machine (it's basically headless - my woody one has been so reliable :) ) and it has some really nice FTP like tools that support it (like FileZilla) Thanks Peter for your comment, recommendations, etc. -- George
