Posts by securityfocus

  • sftp support with InstantSSH plugin

    ok, i see, i did not correctly see how to identify if user was chrooted or not.
    i understand that due to permissions clientA cannot access clientB files, due to chmod permissions set.
    But what if you have two users on same domain?


    One question is left unanswered from my post - can you highlight here what to do please?
    imscp_sftp01 was created on same client domain, as imscp_sftp02.
    Is it possible to prohibit that user imscp_sftp01 can write in folder of imscp_sftp02? Both belong to same client domain, but are different sftp accounts. As seen from file list they have same uid and gid.


    Code
    1. drwxr-xr-x 6 vu2004 vu2004 4096 Jul 3 10:24 .
    2. drwxr-xr-x 14 root root 4096 Jul 3 10:24 ..
    3. drwxr-x--- 2 vu2005 vu2005 4096 Jul 3 10:24 imscp_ref_neu
    4. drwxr-x--- 2 vu2004 vu2004 4096 Jul 3 10:24 imscp_ref_web
    5. drwxr-x--- 2 vu2011 vu2011 4096 Jul 3 16:49 imscp_sftp01
    6. drwxr-x--- 2 vu2011 vu2011 4096 Jul 3 10:24 imscp_sftp02


    My Problem: As user imscp_sftp01 i could do a "mkdir /home/imscp_sftp02/test" and directory was created.
    Can it be prohibited?


    thank you
    MSU

  • sftp support with InstantSSH plugin

    yes, look here:



    same with:
    sftp [email protected]

  • sftp support with InstantSSH plugin

    Hello all,


    distribution: Ubuntu 16.04.2
    i-MSCP 1.3.16 with latest InstantSSH plugin v5.0.1


    we have InstantSSH plugin running on one server, and users can be created and i can login with defined password to their home directory.


    My problem is
    - that users do not get chrooted via sftp and i dont know the reason why that is not working.
    - and that user1 on client1 can read files from user2 on client1.


    i do get the imscp banner displayed after an ssh login.


    1) [email protected]:~# more /etc/ssh/sshd_config |grep sftp
    Subsystem sftp /usr/lib/openssh/sftp-server


    2) in imscp admin interface i did check the option "restricted access" as a reseller for the client.
    But still i have:
    Remote working directory: /home/imscp_sftp01
    instead /


    3) we use the default gui/plugins/InstantSSH/config.php file with
    'app_sections' => array(
    'bashshell',
    'netutils',
    'dnsutils',
    'editors'
    ),


    Is there a setting somewhere to enable more strict permission checks / chroot feature or should i play around with chmod only?


    thanks
    MSU

  • PhpSwitcher - Couldn't compile PHP 5.2.17 on Ubuntu 16.04

    hello,


    we installed a new vserver for testing imscp 1.4.3 and latest phpswitcher plugin 3.0.4:
    the compilation of php 5.2 failed with following error:


    > perl php_compiler.pl 5.2
    configure: WARNING: bison versions supported for regeneration of the Zend/PHP parsers: 1.28 1.35 1.75 1.875 2.0 2.1 2.2 2.3 2.4 2.4.1 (found: 3.0.4).
    configure: WARNING: flex versions supported for regeneration of the Zend/PHP parsers: 2.5.4 (found: 2.6.0)
    configure: error: freetype.h not found.
    make: *** [configure-5.2-stamp] Error 1


    i googled a bit, and didnt find a solution to this problem. Is there one?


    just to be complete i tried, but it didnt help.
    apt-get install libfreetype6-dev
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    libfreetype6-dev is already the newest version (2.6.1-0.1ubuntu2.2).


    Thanks for your help!