Re: Apache+PHP+ftp security

From: Kalevi Nyman (kan_at_canit.se)
Date: 03/28/05

  • Next message: Scott Fagg: "RE: Apache+PHP+ftp security"
    To: abend <roy@clusterdigital.com>
    Date: Mon, 28 Mar 2005 19:43:06 +0200
    
    

    Before you do anything have a look at
    http://www.mamboserver.com/

    It's an excellent content management system well suited
    for virtual domains. No FTP hassle! They have removed
    the confusion component!

    On Fri 2005-03-25 at 19:54, abend wrote:
    > Hi all,
    >
    > I'm configuring a Linux server which may act as our main hosting
    > server. That is, we provide hosting services for small businesses, and
    > we need to configure our Linux server to host their web pages. Our
    > clients will upload their files by ftp (now it's vsftpd).
    >
    > Our first purpose was setting the ftp server to upload the files to be
    > owned by the user which logged in and by group www-data (the files for
    > each virtual server are under /home/example/www, where example stands
    > for an example user), and umask set to 027. Our requirement is that
    > the user example does not belong to the www-data group. This way we
    > get no problems about users reading another user's PHP code, etc., but we
    > didn't find any ftp server which permits us to do that (proftpd has a
    > GroupOwner directive which makes uploaded files group-owned by
    > the group we want, but the user needs to belong to that group,
    > which is not our intention). We searched for information on how to run
    > the ftp server (the child process after authentication of the user)
    > with the appropriate user but with pgid www-data, and make the files
    > owned by this group, but neither proftpd, wu-ftpd nor vsftpd matched
    > these characteristics.
    >
    > Our last approach was making users belong to the www-data group. This
    > doesn't protect the PHP code of one user from another directly, but our
    > clients don't get shell access, and we thought we could configure PHP
    > safe_mode. The problem with this is that files created by a PHP script
    > are created to be owned by the user who runs apache: www-data; if we
    > want to read these files by another PHP script, owned by some user,
    > it'll fail according to our safe_mode configuration. We can't use
    > suExec because we're using mod_php, not CGI. I've read a recent
    > thread in this same mailing list about all this, but it didn't help.
    >
    > In order to solve my problem, my questions are:
    > - Can I run apache's child processes with an arbitrary user
    > (configured on a per-VirtualHost basis)? This solves the second problem,
    > but is this a good idea?
    > - Does anyone know how to make the first configuration work as
    > expected? This solves the problem (safe_mode not needed).
    > - Any other ideas?
    >
    > Yours,
    > Roi Rodriguez
    >
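
An added example, not part of either poster's message: a Python audit of the layout the quoted question describes (every entry owned by the FTP user, group-owned by www-data, no permission bits that umask 027 would have cleared). The names `audit_tree` and `check_entry` are hypothetical, and the check that the user is not a member of www-data is assumed to be done separately.

```python
import grp
import os
import pwd
import stat
import sys

# Bits a umask of 027 removes: group write, and everything for "other".
FORBIDDEN_BITS = 0o027

def check_entry(path, owner_uid, web_gid):
    """Return (path, problem) pairs for one file or directory."""
    st = os.lstat(path)  # lstat: never follow a link out of the tree
    if stat.S_ISLNK(st.st_mode):
        return [(path, "symlink, target not audited")]
    problems = []
    if st.st_uid != owner_uid:
        problems.append((path, "owner uid %d" % st.st_uid))
    if st.st_gid != web_gid:
        problems.append((path, "group gid %d" % st.st_gid))
    bad = stat.S_IMODE(st.st_mode) & FORBIDDEN_BITS
    if bad:
        problems.append((path, "mode bits %03o" % bad))
    return problems

def audit_tree(root, owner_uid, web_gid):
    """Audit root and everything below it; return sorted findings."""
    findings = check_entry(root, owner_uid, web_gid)
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            findings += check_entry(os.path.join(dirpath, name),
                                    owner_uid, web_gid)
    return sorted(findings)

if __name__ == "__main__":
    # Usage: audit.py /home/example/www example
    docroot, user = sys.argv[1], sys.argv[2]
    uid = pwd.getpwnam(user).pw_uid
    gid = grp.getgrnam("www-data").gr_gid  # group name taken from the post
    for path, problem in audit_tree(docroot, uid, gid):
        print("%s: %s" % (path, problem))
```

Files written by a PHP script under mod_php show up here as owner findings, since they are created by the www-data user rather than the FTP account.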

