View previous topic :: View next topic |
Author |
Message |
josepi -
Joined: 20 Jul 2006 Posts: 30
|
Posted: Thu Jul 20, 2006 7:42 pm Post subject: Help with Privileges |
|
|
I think u guys know the problem is that everyone i think having abyss webserver with php5 from here can be hacked with a simple shell
because i some websites the account example Demo can only view her root forlder example
My abyss server is configured at D:\
The Root folder is D:\root
and for other websites D:\root\~demo\
the user demo can simply load a shell into her hosting and go into D:\ and delete all
Because of Privileges But i think i dont know is to Make a hosting with Abyss And insert a Root folder where he cannot go to D:\ he can just go to D:\root\~demo
thats what i need to know if someone know |
|
Back to top |
|
|
AbyssUnderground -
Joined: 31 Dec 2004 Posts: 3855
|
Posted: Thu Jul 20, 2006 7:53 pm Post subject: |
|
|
Ah, a post I can understand!
The easiest way to do this, I think, is to enable "safe_mode" in the php.ini. I have this on my server and its been fine. safe_mode also disables other things too which could harm the system. Im almost 100% sure it disabled exec() because I have a small script which will not run with safe_mode enabled. _________________ Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
Back to top |
|
|
josepi -
Joined: 20 Jul 2006 Posts: 30
|
Posted: Thu Jul 20, 2006 10:25 pm Post subject: |
|
|
ok thanks do you know how to make a email server |
|
Back to top |
|
|
AbyssUnderground -
Joined: 31 Dec 2004 Posts: 3855
|
Posted: Thu Jul 20, 2006 10:31 pm Post subject: |
|
|
josepi wrote: | ok thanks do you know how to make a email server |
Yes but it requires coding knowledge ;-)
Aaaah you mean downloading and installing one. Yes but its useless unless your IP isnt blacklisted, which, with a normal ISP, I can almost guarantee it is black listed (mine is, and theres nothing I can do about it). _________________ Andy (AbyssUnderground) (previously The Inquisitor)
www.abyssunderground.co.uk |
|
Back to top |
|
|
|