Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Technical
Reload this Page How can prevent the user from edit file ?
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 8th January 2007, 10:37
qwe010 qwe010 is offline
Member
  
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 0 Times in 0 Posts
Default How can prevent the user from edit file ?
hello

How can prevent the user from

edit the files ( .htaccess ) ?
Reply With Quote
Sponsored Links
  #2  
Old 8th January 2007, 10:47
till till is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,896
Thanks: 693
Thanked 4,191 Times in 3,207 Posts
Default
Set the permissions of the file to read only:

chmod -w yourfilename.ext

To change this for all files in a direcory:

cd /your/directory
chmod -R -w *
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 8th January 2007, 12:18
qwe010 qwe010 is offline
Member
  
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 0 Times in 0 Posts
Default
thanks

But I mean for all my clients on my server

i mean Hypothetical

i don't want any user but any command in this filse

like Disruption mod security
Reply With Quote
  #4  
Old 9th January 2007, 15:14
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,593 Times in 2,444 Posts
Default
You must change the permissions of each .htaccess file, as Till said.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 10th January 2007, 07:51
qwe010 qwe010 is offline
Member
  
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 0 Times in 0 Posts
Default
This is bad , which means that any person can overcome protection

any idea ?
Reply With Quote
  #6  
Old 11th January 2007, 18:56
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,593 Times in 2,444 Posts
Default
There's no problem if you don't give your users shell access (which is a security risk) and configure ProFTPd to not show files beginning with a dot (which is the default setting).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 14th January 2007, 09:07
qwe010 qwe010 is offline
Member
  
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 0 Times in 0 Posts
Default
thanks falko

But if penetrator able to disrupt protection

Will hacked the sites

and used the shell freely
Reply With Quote
  #8  
Old 14th January 2007, 11:25
till till is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,896
Thanks: 693
Thanked 4,191 Times in 3,207 Posts
Default
If you chown the files to user and group root, then someone needs root priveliges to change the files.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #9  
Old 20th January 2007, 09:34
qwe010 qwe010 is offline
Member
  
Join Date: Nov 2006
Posts: 52
Thanks: 0
Thanked 0 Times in 0 Posts
Default
how ido that

i have new client every day ?

how i make that by default

i don't want any user but any command in this filse now or later ?
Reply With Quote
  #10  
Old 20th January 2007, 11:23
sjau sjau is offline
Local Meanie
  
Join Date: Apr 2006
Location: Switzerland
Posts: 1,046
Thanks: 4
Thanked 34 Times in 32 Posts
 
Default
You could setup a cron job that executes a shell script on a regular base... like every 10 min or so...

That shell script will then fetch all .htaccess files from a given directory (or maybe even subdirectories [but one level down is probably enough] and alter the ownership and file mode...

The shell script would be something like this (needs to be tested!!!):
Code:
for FILE in "$(find /var/www -maxdepth 2 -name ".htaccess")"
do
# Echo the files found
        echo $FILE
# Chown the files found
#        chown root.root $FILE
# Chmod the files found
#       chmod 0755 $FILE
done
exit 0
This above script will search all /var/www plus it will go one directory down.... assuming that you have the setup something like this:

/var/www
--> /var/www/web1
--> /var/www/web2
--> /var/www/web3

If you have the user webfolder in something like this:
--> /var/www/web3/html
Then alter the maxdepth limitation... I'm not sure if the above example is already set to one level deep or not...
Hence I did comment out the actual chownin and chmodding... first use the echo
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Statistic not working mzo Installation/Configuration 49 20th April 2011 12:19
spamassasin/clamAV not working Daisy Installation/Configuration 32 15th February 2007 00:09
Systemimager (rsync) doesn't copy all comedit HOWTO-Related Questions 11 19th January 2007 17:17
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 05:19
jamed up my table borders?? Boon-Dog-Danny Installation/Configuration 5 23rd September 2006 16:12


All times are GMT +2. The time now is 00:23.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.