At 03:51 PM 6/6/2002, you wrote: >Today I found the following problem : > >As soon as a simple user or siteadmin got >Telnet/SSH access to our RaQ4 or XTR he is >able to walk through all domain directories. > >He has permissions to read and copy all >files of all domain directories also the >server files under /home/sites/home/web > >What a security risk ! > >Only the user directories /users/. are >safe = Permission denied ! > >All files - except the files of the user directories - >are owned by nobody which is strange to me. > >I tried to disable shell account for certain >domains and it's users using the Cobalt interface >(Site Settings). After that the interface indicated >Telnet/Shell access disabled for e.g. user alfred, >but user alfred is still able to access the server >by Telnet and SSH.
Must be something wrong on yours, it works on mine. >The only way out was to disable Telnet and SSH >systemwide. > >What can I do to restrict user permissions so users >are no longer able to walk through all domain (site) >directories. Change permissions. >Shall I replace the owner nobody by the username of >the siteadmin of each domain. nobody is the computer vs root or admin I would venture you created the directories as admin. >Thanks in advance, >--Dave > >_______________________________________________ >cobalt-security mailing list >[EMAIL PROTECTED] >http://list.cobalt.com/mailman/listinfo/cobalt-security _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
