Apache2 userdir in vsftpd ftpShared

dreamer.redeemer · 08-08-2008, 01:56 AM

I'm pretty new to linux, so I've been setting up this home server by the seat of my pants. I'm running a ubuntu gutsy gibbon lamp server with vsftpd, intended only for use of ftp and apache for now. I have user home directories set to /media/*/ftpShared/user. I placed the public_html directory in the user home directory. The permissions for ftpShared and user directories are 751 and public_html is 755. Does this situation pose any security risks? Thanks.

Mr. C. · 08-08-2008, 08:13 PM

Nothing obvious stands out. The chosen home directory paths are a little unorthodox (why not just /home ?), but insignificant.

I presume user's own their home and public_html directories, so they can write files. If user's aren't chroot'd into their home dirs, the only concern is a DoS via uploading very large files.

Do you allow shell access?

dreamer.redeemer · 08-09-2008, 05:08 PM

Thanks for the response. The user home directories are there because when I was setting that part up I didn't know how to get each directory to point to different disks. I wasn't aware of symbolic links, and I'm still not exactly sure how I'd do it anyway. Since it's already done I guess I'll worry about that next time. As far as shell access, I have ssh installed but I don't think it's configured to allow those users. I'll have to take a look at that. Thanks again!

Mr. C. · 08-09-2008, 06:00 PM

You're welcome.

The typical mechanism for mapping /home over separate disks is as you mentioned, via sym links. It looks generally like this:

Code:

$ ls -1 /disks/disk*
/disks/disk1:
user1
user2

/disks/disk2:
user3
user4

$ ls -l /home
... user1 -> /disks/disk1/user1
... user2 -> /disks/disk1/user2
... user3 -> /disks/disk2/user3
... user4 -> /disks/disk2/user4