We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Security & Permissions Question Topic is solved
Security & Permissions Question
I have Vesta Panel, and i have created some user (let's say testuser for example).
Create a web, and put some files inside.
These files has the testuser as owner.
I Set the files permissions as rwx------ (700 - all permissions only for the owner-all other users deny any access)
I Checked that apache proccess run at apache user.
Even all these, the files still is accessible from web- the only way to make this files not accessible is to change owner or remove permissions even from the owner! Why? - is web users inherits the testuser permissions?!
Please help me to understand why this happens...
thank you
Create a web, and put some files inside.
These files has the testuser as owner.
I Set the files permissions as rwx------ (700 - all permissions only for the owner-all other users deny any access)
I Checked that apache proccess run at apache user.
Even all these, the files still is accessible from web- the only way to make this files not accessible is to change owner or remove permissions even from the owner! Why? - is web users inherits the testuser permissions?!
Please help me to understand why this happens...
thank you
Re: Security & Permissions Question
Why you want to remove the permission? I can't find any sense in your request.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Security & Permissions Question
Yes,
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
VestaCP-Users inherit permissions as they belong to the group that has web-server.
So if you want to remove a site from access over the web, you should chown it to a user/group that is not existing in VestaCP or just chmod 0000
Re: Security & Permissions Question
Ok with this. But if i want my Vesta Users to have write permissions for example to a file and i dont want the web users have, how can achieve this?! the only solution is to change the owner of the file?
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Security & Permissions Question
All VestaCP users belong to the webserver group so you can't have web access disabled for them... You will have to tinker alot with permissions yourself.
Re: Security & Permissions Question
Thank you for your answer. I will change the persmissions my self to strict the access! :)mehargags wrote: ↑Mon Jul 23, 2018 9:19 pmAll VestaCP users belong to the webserver group so you can't have web access disabled for them... You will have to tinker alot with permissions yourself.