Ok I am using ISPConfig and are allowing people access to CGI and Shell 1) Can my customers use cgi to harm my system 2) Can my customers use shell access to harm my system Thanks
Yes, if you done use SuExec. Yes. I would not give users shell access unless you recompile your SSHD to ebale chrooting of shell users and create chrooted accounts for your shell enabled users. Olease have a look at this howto: http://www.howtoforge.com/chrooted_ssh_howto_debian
Ok is SuExec covered by the perfect stup guide, or used by default on suse 10. IF not to both how do I use it and set it up Thanks
No. But you can enable suExec in ISPConfig under management > server > settings. I dont know of a howto for SuSe for chrooting SSH users. Maybe google a bit or try to adapt the DEBIAN howto.
During ISPConfig installation you must specify /srv/www as ISPConfig's document root instead of /home/www because SuSE's suExec is compiled with /srv/www as document root. Have a look at the suExec section on http://www.howtoforge.com/perfect_setup_suse_9.3_p6 And then, you have to enable suExec in ISPConfig, as Till said.
OK.. thanks... small problem though can I re-run the SuExec and specify that /home/www is the default folder... or change a config file somewhere.... rather than re-installing ISPC to change the web folder. Thanks
SuExec is compiled into apache, it is not configured in a config file. If you dont want to change your web root you will have to recompile your apache webserver and set the correct web-root as configure parameter.
