Knowledgebase

FTP Permissions & Executable Scripts

Posted by ashleyb, 12-12-2010, 02:06 PM
I was creating ftp accounts under my main domain account via Cpanel on my VPS. The accounts are for my freelance web designers. Each ftp account had their home directory in the public_html// folder so I could view the files live on the domain (in their own folders). The permissions seemed to be fine in FTP, the users could not modify files or travel outside of their directory. I wanted to see if the users were able to run system commands with a perl script (uploaded by them) accessed via a browser and when I tested a script, YES, IT WAS ABLE to run system commands and modify files OUTSIDE of their directory. I was really suprised. Is there any way to set it up to restrict the SCRIPT'S ACCESS to the ftp user directory only, when executed via a browser? I figured this would be a default security feature. Help!
Posted by foobic, 12-12-2010, 10:53 PM
All files in an account are owned by the (one) cPanel user and cgi scripts will run as the same user, so no, you can't restrict access to ftp accounts in the way you're wanting to do it. You need to set up each of your designers with an individual cPanel account of their own. You could set up each new account on a subdomain of your main domain name if you want.


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
Im A Newbie, Please Help (Views: 548)
SolusVM - Creating OpenVZ VM gives weird results (Views: 6522)
Chronichosting Down (WORKING ON IT) (Views: 658)
how do you make good use of vpn for management ? (Views: 625)
Selecting a new Reseller Hosting Company that is Reliable (Views: 575)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.