Article 8187 at 06/12/14 18:02:15 From: kristian.eklund (at mark) monostar.net Subject: [coba-e:08187] Re: Shell security

Index: [Article Count Order] [Thread]

Date:  Thu, 14 Dec 2006 09:36:42 +0100
From:  Kristian Eklund <kristian.eklund (at mark) monostar.net>
Subject:  [coba-e:08187] Re: Shell security
To:  coba-e (at mark) bluequartz.org
Message-Id:  <45810D1A.5020306 (at mark) monostar.net>
In-Reply-To:  <200612140304.kBE344G6066981 (at mark) info.eis.net.au>
References:  <200612140304.kBE344G6066981 (at mark) info.eis.net.au>
X-Mail-Count: 08187

> I just had the web developer for one of the virtual sites tell me that when
> he telnets into the BQ server he can roam around all the other sites and
> look at their files etc. Is the shell environment on BQ logins meant to be
> sandboxed/chroot for security purposes?

First of all, turn off telnet immediately and only use SSH.

Second, nope, the logins are not chrooted.

/Kristian