Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 8th January 2007, 11:37
qwe010 qwe010 is offline
Member
 
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 1 Time in 1 Post
Default How can prevent the user from edit file ?

hello

How can prevent the user from

edit the files ( .htaccess ) ?
Reply With Quote
Sponsored Links
  #2  
Old 8th January 2007, 11:47
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,741
Thanks: 840
Thanked 5,597 Times in 4,408 Posts
Default

Set the permissions of the file to read only:

chmod -w yourfilename.ext

To change this for all files in a direcory:

cd /your/directory
chmod -R -w *
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 8th January 2007, 13:18
qwe010 qwe010 is offline
Member
 
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 1 Time in 1 Post
Default

thanks

But I mean for all my clients on my server

i mean Hypothetical

i don't want any user but any command in this filse

like Disruption mod security
Reply With Quote
  #4  
Old 9th January 2007, 16:14
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

You must change the permissions of each .htaccess file, as Till said.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 10th January 2007, 08:51
qwe010 qwe010 is offline
Member
 
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 1 Time in 1 Post
Default

This is bad , which means that any person can overcome protection

any idea ?
Reply With Quote
  #6  
Old 11th January 2007, 19:56
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

There's no problem if you don't give your users shell access (which is a security risk) and configure ProFTPd to not show files beginning with a dot (which is the default setting).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 14th January 2007, 10:07
qwe010 qwe010 is offline
Member
 
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 1 Time in 1 Post
Default

thanks falko

But if penetrator able to disrupt protection

Will hacked the sites

and used the shell freely
Reply With Quote
  #8  
Old 14th January 2007, 12:25
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,741
Thanks: 840
Thanked 5,597 Times in 4,408 Posts
Default

If you chown the files to user and group root, then someone needs root priveliges to change the files.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #9  
Old 20th January 2007, 10:34
qwe010 qwe010 is offline
Member
 
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 1 Time in 1 Post
Default

how ido that

i have new client every day ?

how i make that by default

i don't want any user but any command in this filse now or later ?
Reply With Quote
  #10  
Old 20th January 2007, 12:23
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,149
Thanks: 4
Thanked 56 Times in 52 Posts
 
Default

You could setup a cron job that executes a shell script on a regular base... like every 10 min or so...

That shell script will then fetch all .htaccess files from a given directory (or maybe even subdirectories [but one level down is probably enough] and alter the ownership and file mode...

The shell script would be something like this (needs to be tested!!!):
Code:
for FILE in "$(find /var/www -maxdepth 2 -name ".htaccess")"
do
# Echo the files found
        echo $FILE
# Chown the files found
#        chown root.root $FILE
# Chmod the files found
#       chmod 0755 $FILE
done
exit 0
This above script will search all /var/www plus it will go one directory down.... assuming that you have the setup something like this:

/var/www
--> /var/www/web1
--> /var/www/web2
--> /var/www/web3

If you have the user webfolder in something like this:
--> /var/www/web3/html
Then alter the maxdepth limitation... I'm not sure if the above example is already set to one level deep or not...
Hence I did comment out the actual chownin and chmodding... first use the echo
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Statistic not working mzo Installation/Configuration 49 20th April 2011 13:19
spamassasin/clamAV not working Daisy Installation/Configuration 32 15th February 2007 01:09
Systemimager (rsync) doesn't copy all comedit HOWTO-Related Questions 11 19th January 2007 18:17
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 06:19
jamed up my table borders?? Boon-Dog-Danny Installation/Configuration 5 23rd September 2006 17:12


All times are GMT +2. The time now is 10:30.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.