LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-11-2006, 03:25 PM   #1
eugene2008
LQ Newbie
 
Registered: Jul 2006
Posts: 8

Rep: Reputation: 0
JAIL CHROOT analog in windows apache?


VDS, WINDOWS2003, XAMPP, PHP5,MYSQL,FULL ACCESS
I can still get access to other users folders
By this hacking tool http://bbpress.automattic.com/attach...34/remview.php

Tried to jail each user in his own folder by VirtualDocumentRoot, thought it might help but alas but no can do yet, DocumentRoot does not unserstand % masks

VirtualDocumentRoot "C:/aweb/freehosting/users/%1" with varaiable works just fine but not php_admin_value switch
php_admin_value open_basedir "C:/aweb/freehosting/users/%1" – this stuff does not work…. Is there any other way to solve my problem?

Php error says
Warning: Unknown: open_basedir restriction in effect. File(C:/aweb/freehosting/users/zxc/zzz.php) is not within the allowed path(s): (C:/aweb/freehosting/users/%1) in Unknown on line 0

Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0

Warning: Unknown: open_basedir restriction in effect. File(C:/aweb/freehosting/users/zxc/zzz.php) is not within the allowed path(s): (C:/aweb/freehosting/users/%1) in Unknown on line 0

Warning: Unknown: failed to open stream: Operation not permitted in Unknown on line 0

Warning: Unknown: Failed opening 'C:/aweb/freehosting/users/zxc/zzz.php' for inclusion (include_path='.;C:\server\xampp\php\pear\') in Unknown on line 0




Httpd-vhosts.conf
###################################################
<Directory "C:/aweb/freehosting">
Options Indexes Includes FollowSymLinks ExecCGI
AllowOverride all
Order allow,deny
Allow from all
</Directory>

<VirtualHost *:80>
ServerName pcsny.org
ServerAlias www.pcsny.org
DocumentRoot "C:/aweb/freehosting"

php_admin_value open_basedir "/"
Options +FollowSymLinks
RewriteEngine On
RewriteRule ^/users/([^/]+)(/(.*))?$ http://$1.pcsny.org/$3 [R=301,L]
RewriteCond %{HTTP_HOST} ^pcsny\.org
RewriteCond %{REQUEST_URI} ^(.*)
RewriteRule (.*) http://www.pcsny.org/%1 [R=301,L]
</VirtualHost>

<VirtualHost *:80>
ServerName pcsny.org
ServerAlias *.pcsny.org
VirtualDocumentRoot "C:/aweb/freehosting/users/%1"

php_admin_value open_basedir "C:/aweb/freehosting/users/%1"
</VirtualHost>

####################################################


if I do DocumentRoot

<VirtualHost *:80>
ServerName pcsny.org
ServerAlias *.pcsny.org
#VirtualDocumentRoot "C:/aweb/freehosting/users/%1"
DocumentRoot "C:/aweb/freehosting/users/%1"
#php_admin_value open_basedir "C:/aweb/freehosting/users/"
php_admin_value open_basedir on
</VirtualHost>



server says on subdomain zxc.pcsny.org

Object not found!

The requested URL was not found on this server. If you entered the URL manually please check your spelling and try again.

If you think this is a server error, please contact the webmaster.
Error 404
zxc.pcsny.org
09/11/06 20:45:55
Apache/2.2.2 (Win32) DAV/2 mod_ssl/2.2.2 OpenSSL/0.9.8b mod_autoindex_color PHP/5.1.4



VirtualDocumentRoot "C:/aweb/freehosting/users/%1"
#DocumentRoot "C:/aweb/freehosting/users/%1"
#here I manually set to users folder where every user is being stored
#it more secure but not yet full enough to me, I want to jail them in their #folders

php_admin_value open_basedir "C:/aweb/freehosting/users/"

after that if Hacking tool Remview.php goes upper than "C:/aweb/freehosting/users/"
says

Can't open directory C:/aweb/freehosting/
Reason:
Warning: is_dir() [function.is-dir]: open_basedir restriction in effect. File(C:/aweb/freehosting/) is not within the allowed path(s): (C:/aweb/freehosting/users/) in C:\aweb\freehosting\users\zxc\remview.php on line 425




How to jail them in their folders?
How to allow people to use more .htaccess but still it would be secure for my server and other people?

I want to allow them to mod_rewrite and other useful stuff
 
Old 09-18-2006, 10:57 PM   #2
kuitang
Member
 
Registered: Sep 2005
Distribution: Slackware, Ubuntu, OS X
Posts: 58

Rep: Reputation: 15
This is an Apache on Windows problem, not a Linux problem. Notice "Linuxquestions.org;" hmm...
 
Old 10-06-2006, 03:31 PM   #3
c0by
LQ Newbie
 
Registered: Oct 2006
Posts: 1

Rep: Reputation: 0
Quote:
Originally Posted by kuitang
This is an Apache on Windows problem, not a Linux problem. Notice "Linuxquestions.org;" hmm...
This apache issue is relevant for linux and bsd.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chroot jail Gimpy Linux - Software 10 05-07-2010 02:30 PM
Chroot jail pachanga Linux - General 12 09-26-2008 06:15 AM
chroot jail for apache dcdbutler Linux - Networking 3 04-02-2006 03:04 PM
Jail and chroot rogk Linux - Security 2 10-16-2005 03:20 AM
chroot jail etc. f1uke Linux - Security 5 08-24-2005 04:12 AM


All times are GMT -5. The time now is 11:55 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration