Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 08-03-2010, 05:18 PM   #1
Registered: Nov 2005
Distribution: Fedora 4
Posts: 40

Rep: Reputation: 15
Question Apache Virtual Hosting security with SuExec: file and directory permissions

Hello, I have a question pertaining to Apache virtual hosts.

I am currently running a 4-year-old server (Fedora Core 4) hosting about 80 websites configured as Apache 2 virtual hosts and running PHP. (this server also runs BIND, Sendmail, and a CGI webmail program). I have a brand new server that I want to migrate these sites to. I am trying to learn the best way to secure this server. Currently I'm using PHP safe_mode (which is deprecated in the newest versions of PHP), but not much else, and I'm not happy with this setup.

I have read a ton of documentation about SuExec and suPHP, and as I can tell, they are very similar in their function.

To test various options, I have implemented a CentOS 5 install on my new server, with Virtualmin and its default modules installed using the Virtualmin installer script. It automatically installed and configured Apache with SuExec enabled for the /home directory. I have tested and this works great: users' PHP scripts are run with their user credentials instead of the 'apache' user. So far, this is as it should be.

However, I'm seeking to add more security because I don't like the idea of my hosting users being able to read /etc/passwd or list all the mail files in /var/spool/mail. Also, I have no idea what files in /etc (or any other directories) could possibly contain passwords or other sensitive information, so I'd rather err on the side of caution by blocking access to any unnecessary directories and files.

In my tests, I created a PHP file on one virtual host which simply takes an input and 'exec's it. I could exec such things as 'cat /etc/passwd' and 'ls /var/spool/mail' and see the entire output because these files/directories have world readable permissions. However I could not execute such commands as 'cat /etc/shadow' since that file is not world-readable.

My real question is this: what files/directories can I remove world-readable permissions from without breaking the O/S? Apache apparently requires world-readable permission on /etc because it stopped serving pages when I removed this permission .

I just don't feel comfortable with users being able to see *everyone's* username and get a list of everyone's email addresses by looking in /var/spool/mail. I'm sure there are other files which users shouldn't see as well. I'm just not sure where they are.

So the real question is:
If you wanted to secure such a server, which directories and files could be set as non-world-readable without compromising system stability?

Or is there a better way?

Thank you very much for any information!

Old 08-03-2010, 06:47 PM   #2
Registered: Feb 2010
Distribution: gentoo, arch, fedora, freebsd
Posts: 379

Rep: Reputation: 96
Or is there a better way?
use chroot
Old 08-04-2010, 08:41 AM   #3
Registered: Nov 2005
Distribution: Fedora 4
Posts: 40

Original Poster
Rep: Reputation: 15
Originally Posted by troop View Post
use chroot
Yes, I did research this option, but it seems to cause a lot of configuration snags (sendmail, DNS lookups, etc don't work due to the chroot jail, and have to be reconfigured in an unusual way).

I am wanting to run some sort of control panel for my users which can automatically create the domains and modify settings for them w/o the need for them to edit config files. I currently use Virtualmin/Webmin and it works quite well (not to mention free). Not sure how this would handle chrooted Apache install.

So what about directory security? Does it even matter if users can see /etc/passwd? Are there other common files which could potentially expose sensitive information and which can have their permissions tightened?

Additionally, what problems can you see with giving users shell access? (we currently do NOT allow shell access) What could they potentially do with limited accounts?

Maybe this question should have been posted in the Security section because I'm really trying to determine how to best lock down my directory structure regardless of the means by which users access the system. So if this is done right, users should be able to access the system via SSH, FTP, etc. without being able to damage anything or view confidential information. Am I missing something here?


Last edited by krasl; 08-04-2010 at 08:45 AM. Reason: Added a question


apache, directory, host, security, suexec, virtual

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Config file for Apache name-based virtual hosting mnm_mc Linux - Software 5 03-22-2006 03:29 AM
SuExec with Apache: permissions denied bmorel Linux - Software 1 05-25-2005 05:33 AM
Apache, suexec and virtual hosts :\ chibi Linux - Software 1 05-02-2005 12:17 PM
Apache 2 Suexec PHP and Virtual Hosts codedv Linux - Software 2 02-26-2004 04:56 PM
Webmin Vitualmin SUEXEC Apache Virtual Named Based Server Setup Questions ? Confused! wishiwas Linux - Software 0 12-02-2003 09:47 PM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 06:49 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration