From: Russ F. <rus...@gm...> - 2006-07-31 17:40:04

I can through all virtual hosts doing this on each user. If I do,
dovecot will no longer serve imap for any of those users.

Do you think a basic level of security should be part of the default
setup for a virtual server?

John Hinton suggested this change:

>
> Inside of Apache 2 conf.
>
> <IfModule mod_userdir.c>
>     #
>     # UserDir is disabled by default since it can confirm the presence
>     # of a username on the system (depending on home directory
>     # permissions).
>     #
>     UserDir disable

This will affect web access to folders, but does not affect local
access.

As it is at the moment, when I install two virtual servers, their
users can mutually browse directories and files.

--r

On 31 Jul 2006, at 18:21, Jamie Cameron wrote:

> Have you tried setting mode 711 instead? That allows anyone to
> chdir to the directory, but not list it ..
>
>  - Jamie
>
> On 31/Jul/2006 10:09 Russ Ferriday wrote ..
>> For either of the chmod versions, I get the following in /var/log/maillog
>>
>> Jul 31 16:37:12 air660 dovecot: chdir(/home/topia/homes/russf) failed with uid 509: Permission denied
>> Jul 31 16:37:12 air660 imap-login: Login: russf.topia [::ffff:86.128.111.255]
>> Jul 31 16:37:12 air660 dovecot: child 25628 (imap) returned error 89
>>
>> Bear in mind my original problem, also. Users on virtual hosts,
>> can by default read other users' homes, because permissions in
>> general are 755.
>>
>> Thanks for looking at this.
>>
>> --r
>>
>> On 31 Jul 2006, at 17:32, Jamie Cameron wrote:
>>
>>> On 31/Jul/2006 08:34 Russ Ferriday wrote ..
>>>>
>>>> Dovecot does not run as soon as I do either of
>>>> chmod o-rx /home/<virtdomain>
>>>> or
>>>> chmod o-rx /home/<virtdomain>/homes/user
>>>>
>>>> Is there a recommended way of preventing a virt domain user
>>>> being able to see the data of another virt domain user?
>>>>
>>>>
>>> That is quite surprising, as Dovecot usually runs with the
>>> permissions of the user
>>> who is logged in via IMAP or POP3. What exact error message are
>>> you getting from it?
>>>
>>>  - Jamie
>>>
>>
>>
>

---------------------
Russ Ferriday
Topia Systems
tel: (+44) (0) 2076 177758
mobile: (+44) (0) 7789 338868
skype: ferriday
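
Added example, not part of the original thread: shell functions that audit a home tree for the two states discussed above, directories other users can list (as with mode 755) and directories other users cannot enter (as after `chmod o-rx`), and that apply the mode 711 suggested in the reply. The function names and the temporary demo tree are assumptions made for this example; it inspects mode bits only and assumes a `find` that supports `-maxdepth`.

```shell
#!/bin/sh
# Added example: audit and tighten home-directory modes (mode bits only).

# Directories under $1 (to depth $2, default 3) that "other" can list (o+r),
# which is what mode 755 allows.
world_listable_dirs() {
    root=$1; depth=${2:-3}
    find "$root" -maxdepth "$depth" -type d -perm -004 2>/dev/null
}

# Directories that "other" cannot enter (o-x), the result of chmod o-rx and
# the state in which chdir() by a uid outside owner and group is refused.
untraversable_dirs() {
    root=$1; depth=${2:-3}
    find "$root" -maxdepth "$depth" -type d ! -perm -001 2>/dev/null
}

# Apply mode 711 to every world-listable directory: traversal stays possible,
# listing does not.
tighten_to_711() {
    world_listable_dirs "$@" | while IFS= read -r d; do
        chmod 711 "$d"
    done
}

# Demo on a constructed tree shaped like /home/<virtdomain>/homes/<user>.
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/home/vdom1/homes/alice" "$t/home/vdom2/homes/bob"
    find "$t/home" -type d -exec chmod 755 {} +
    echo "listable with 755:"; world_listable_dirs "$t/home"
    chmod o-rx "$t/home/vdom1/homes/alice"
    echo "not enterable after o-rx:"; untraversable_dirs "$t/home"
    chmod 755 "$t/home/vdom1/homes/alice"
    tighten_to_711 "$t/home"
    echo "listable after 711: $(world_listable_dirs "$t/home" | wc -l)"
    echo "not enterable after 711: $(untraversable_dirs "$t/home" | wc -l)"
    rm -rf "$t"
}
demo
```

Files inside a 711 directory keep their own modes, so anyone who knows or guesses a file name can still open a world-readable file there.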