Gossamer Forum

running file manager on a shared server

Hello,

I am a hosting provider. Your file manager works great, so I am considering buying a license.

However, I noticed a security problem. The "command" function provides the client
with an ssh/telnet session via the web.

For example, every client could use cat /etc/passwd and then browse each user
by executing ls /home/user/public_html and so on, catching code and cleartext passwords.

Is there any way to restrict the usage of command to the /home/user directory?
(I am not a Perl expert. In PHP there is "php safe mode", which restricts the usage
of "command" in shared environments. Is there anything similar to php_safe_mode in Perl?)

Thanks a lot
Graziano
Re: [graziano] running file manager on a shared server
Hi Graziano,

I actually disabled the command option altogether for my users. There really isn't any way to prevent a user from doing just what you mentioned other than your standard security & lock-down practices. Do you offer telnet/ssh access for your clients? There is no difference unless you don't run a CGI wrapper like suEXEC.

Regards,
Charlie
Re: [Chaz] running file manager on a shared server
In Reply To:
Hi Graziano,

I actually disabled the command option altogether for my users. There really isn't any way to prevent a user from doing just what you mentioned other than your standard security & lock-down practices. Do you offer telnet/ssh access for your clients? There is no difference unless you don't run a CGI wrapper like suEXEC.

Regards,
Charlie


I don't offer SSH/telnet on shared hosting because it's really, really dangerous.
I could consider offering ssh only by chrooting clients to /home/user, but it's quite complicated for me, so I don't offer ssh/telnet.

Disabling command in your file manager is useful.
In fact, a user could download the file manager from this site, install it
on his account and use the File Manager command without limitation.

I have suEXEC, however I cannot understand how it could help me
prevent the use of this kind of script... could you please explain it to me?
Using the File Manager command a user could also crash the server by sending
some malicious Linux command.

On a Perl forum I have read that Perl has something similar to php safe mode
(used to restrict the usage of Linux commands with PHP), a "perl safe module", but I am not a Perl expert and I have no idea how to set it up.

Do you know anything about it?
Re: [graziano] running file manager on a shared server
Quote:
I could consider offering ssh only by chrooting clients to /home/user, but it's quite complicated for me, so I don't offer ssh/telnet.

That, along with suEXEC, is about the only way that I think you could secure the 'command' command. I'm certainly not an expert, but I would think that as long as Fileman was executing as the user (hence the need for suEXEC) it would be the same as a user having SSH access to the server. Again, I could be mistaken here.

Quote:
Disabling command in your file manager is useful.
In fact, a user could download the file manager from this site, install it on his account and use the File Manager command without limitation.

You're correct here. I forgot about the fact that a user can go download the single-user version with the 'command' option intact :/ That kind of defeats your purpose.

Quote:
I have suEXEC, however I cannot understand how it could help me prevent the use of this kind of script... could you please explain it to me?

See response above. If you do not run suEXEC, Fileman would run as 'nobody' (or whatever Apache runs as) and you can't really lock down anything.

Quote:
On a Perl forum I have read that Perl has something similar to php safe mode (used to restrict the usage of Linux commands with PHP), a "perl safe module", but I am not a Perl expert and I have no idea how to set it up.

Do you know anything about it?

I haven't heard about it, but I'm not a Perl expert either. If you still have info on it, please post it here.

~Charlie