Jim Walls wrote:
~snip~
>
> Did I just answer the question or am I completely missing the question?
>
>
and with no ftp server installed you can point a web bowser to
ftp://xyz.com and httpd will allow ftp protocol read access.
to stop that you need to do as earlier posters described.
---
On 3/6/2011 2:43 PM, aaron...@comcast.net wrote:
I have apache2 running virtual hosts. Ive fingered out how to jail a
user that uploads files to the document root using jailkit and only
allow SFTP access. What I have not fingered out is how to keep a user
from reading other files on the system
I'm running Apache/2.2.12 (Ubuntu) Server. I thought I was running a separate
instance of httpd by having Listen configured twice in the ports.conf file. see
below.
I have two IP virtual hosts setup in the site-available
ServerAdmin webmaster@localhost
DocumentRoot /var/www
ServerName we
On Sun, 6 Mar 2011 22:43:36 + (UTC)
aaron...@comcast.net wrote:
> I could jail the www-data account but this would not prevent one virtual host
> from seeing another using a phpshell since they would be in the same jail.
Yep. Virtualhosts aren't designed for that level of security.
You fo
On March 6, 2011 17:43 , aaron...@comcast.net wrote:
I have apache2 running virtual hosts. Ive fingered out how to jail a
user that uploads files to the document root using jailkit and only
allow SFTP access. What I have not fingered out is how to keep a user
from reading other files on the sy
I have apache2 running virtual hosts. Ive fingered out how to jail a user that
uploads files to the document root using jailkit and only allow SFTP access.
What I have not fingered out is how to keep a user from reading other files on
the system such as other virtual host document roots by uploa
