Re: Apache+PHP+ftp security

From: Mailinglists Address (mailinglist_at_expresshosting.net)
Date: 03/30/05

  • Next message: barti: "Re[2]: Apache+PHP+ftp security"
    Date: Tue, 29 Mar 2005 22:15:46 -0600
    To: abend <roy@clusterdigital.com>
    
    

    >In order to solve my problem, my questions are:
    >- Can i run apache's child processes with an arbitrary user
    >(configured in a VirtualHost basis)? This solve the second problem,
    >but is this a good idea?
    >- Does anyone know how to do the first configuration works as
    >expected? This solves the problem (safe_mode not needed).
    >- any other ideas?
    >
    >
    >
    >
    As someone else has already suggested, proftpd already provides an
    excellent chroot enviroment for ftp (and also does not require
    duplicated binaries as some old versions of ftpd required; wu-ftpd comes
    to mind). Couple that with the fact that you can also configure proftpd
    to allow users with invalid shells to login to ftp while preventing
    login to other services (ssh, telnet, etc.) it seems like a good fit.

    RequireValidShell off
    DefaultRoot ~ groupname

    Couple that solution with correct usage of PHP's open_basedir within the
    vhost's configuration in apache and that should provide you the level of
    seperation you are looking for.

    php_admin_value open_basedir "/home/example/:/tmp"

    Also as an additional security measure you might want to mount your /tmp
    as a partition set with noexec to prevent any of your clients from using
    an application that has potential remote exploits in circulation (a
    certain combination of PHPNuke with the Coppermine gallery has
    personally caused me some problems last year on a vhost server).

    Some things I thought I would pass along.

    Tom Walsh


  • Next message: barti: "Re[2]: Apache+PHP+ftp security"