Hi, I have a little question about security in ISPConfig. There is a jailkit configuration for shell users, right; it's a good system and it's working. But what if a malicious SSH user, who is stuck in jailkit, uploads a PHP shell like p0wnyShell to the web directory, then accesses this file? I've tested, and when you access the PHP file from a browser you have access to the whole server, so jailkit can be bypassed in 1 second. Is this a bad configuration in my ISPConfig setup or is this normal? I haven't really searched deeper; I'm asking because I just realized
That's normal, as the PHP daemon is not chrooted by default. Enable php-fpm chroot in the website options to run php-fpm chrooted as well. But be aware that this might require adjustments in the config of the website CMS that you run; you must e.g. use 127.0.0.1 instead of localhost to connect to a MySQL database in this case.
And also, all paths set in the configuration file of the CMS have to be relative to the chroot, don't they? For example: /var/www/clients/client1/web1/web becomes /web
Thanks, I will change my opcache config. And last but not least, does the open_basedir path need to be adjusted by hand in the vhost configuration admin of ISPConfig? After I enable php-chroot, paths are always /var/www/clients.... Do you think of other settings?
No, open_basedir is rewritten correctly when switching to/from chroot mode. What paths? I just verified again on a 3.2.25 box that the only instance of "/var/www/clients" in the php-fpm config file is to set the chroot path.
Those ones (as you said, it seems to be only in the form; in pool.d/web32 the open_basedir directives are correct)
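
As an added example that is not part of the thread and not ISPConfig's own code: a small Python audit of php-fpm pool files that flags a pool with no `chroot` directive and any `open_basedir` entry still written as a host path under the chroot. The sample pool contents, pool names and in-jail paths are constructed for illustration.

```python
import re

# Constructed sample pool files (illustrative names and values, not from a real server).
POOL_JAILED = """\
[web1]
chroot = /var/www/clients/client1/web1
chdir = /
php_admin_value[open_basedir] = /web:/private:/tmp
"""

POOL_UNJAILED = """\
[web2]
; chroot = /var/www/clients/client1/web2
php_admin_value[open_basedir] = /var/www/clients/client1/web2/web:/tmp
"""

POOL_STALE = """\
[web3]
chroot = /var/www/clients/client1/web3
php_admin_value[open_basedir] = /var/www/clients/client1/web3/web:/tmp
"""

LINE = re.compile(r"^([A-Za-z_.]+(?:\[[^\]]+\])?)\s*=\s*(.*)$")

def parse_pool(text):
    """Return {directive: value} for one pool file, skipping ';' comments and [section] lines."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";[":
            continue
        m = LINE.match(line)
        if m:
            conf[m.group(1)] = m.group(2).strip('"')
    return conf

def audit_pool(text):
    """Return a list of findings; an empty list means chrooted with in-jail paths."""
    conf = parse_pool(text)
    chroot = conf.get("chroot", "").rstrip("/")
    if not chroot:
        return ["no chroot directive: PHP runs outside the jail"]
    findings = []
    basedir = conf.get("php_admin_value[open_basedir]", "")
    for path in filter(None, basedir.split(":")):
        # Inside the jail, a path that still starts with the chroot prefix will not resolve.
        if path == chroot or path.startswith(chroot + "/"):
            findings.append("open_basedir entry uses host path: " + path)
    return findings
```

To check real pools, read each file under the php-fpm `pool.d` directory and pass its contents to `audit_pool`.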