View Single Post
  #1  
Old 18th May 2006, 00:45
Norman Norman is offline
HowtoForge Supporter
 
Join Date: May 2006
Posts: 242
Thanks: 0
Thanked 18 Times in 14 Posts
Default Hardening the system without breaking ISPConfig

First of all, I'll list what I want to do and proceed with the issues I've encountered.

Needs:
- Prevent users from reading eachothers directories and subdirectories. <- Is this solvable without implementing ssh chroot?
- Diskquotas reportable by "quota"

Tests:
chmod 711 /var/www/web* <- will prevent people from listing the initial subdirectories however it will not prevent people to pry into subdirectories with lax chmod like 755 etc.
chmod 700 /var/www/web* <- will do some extra work but will prevent apache from displaying the sites.

Setting either of these chmod's will break ispconfig's ability to see disk statistics for the users. Even if the sudo option for du is activated in ispconfig's configuration-file.

Also if quota is activated on the system it doesnt seem to use diskquotas for the users? how so?
__________________
http://www.xh.se
Reply With Quote
Sponsored Links