I have a small company that my friend and I currently own; we do web development and host our clients on a server we set up.
Server Info
Distro: Arch Linux
Web Server: Nginx 1.0.15
Libraries:
PHP - 5.3.10
Perl - 5.14.2
Python - Python 3.2.2
Ruby - 1.9.3p125
Up until now, we've been the only users allowed on the server, and we haven't had any issues. But recently the need for the client to have access to their files has come up and we're having some issues trying to figure out how to secure the server.
So for starters, I created a sftp chroot environment for the user and only gave them access to their home folder.
Currently this is how our folder structure is laid out.
/srv/
drwxrwx--x 15 root adm 1024 Apr 30 00:54 http
/srv/http/
drwxrwxr-x 4 http [site group ex. examplecom] 1024 Feb 6 20:42 [site ex. example.com]
/srv/http/example.com
drwxrwxr-x 2 http [site group ex. examplecom] 1024 Apr 24 13:38 logs
drwxrwxr-x 2 http [site group ex. examplecom] 1024 Apr 24 13:38 public_html
This structure worked for us; it was organized and simple. But now that we have clients allowed to enter the server, we need to find a way to secure each site folder.
So one idea was to put each site folder in the home folder of each user. So the layout will look something like this:
/ (I'm not going to show everything)
drwxrwx--x 7 root adm 1024 Apr 29 21:51 home
/home/
drwxrwx--x 2 root root 1024 Apr 30 00:54 [user]
/home/[user]
drwxr-xr-x 2 http [site group ex. examplecom] 1024 Feb 6 20:42 [site ex. example.com]
And the rest will look similar to "/srv/http/example.com". The user folder is root:root because they are chrooted.
This seems to work, and it prevents http from accessing "/home" and "/home/user". But if the user knows the user name and the site that falls under that user name, then the user can easily create a script with PHP or any of the libraries and access other sites by having that correct path.
Is there a solution to this problem?
As mentioned above, the user is sftp chrooted, but there is a chance that a future client might need ssh access.
Also, regarding the "site group ex. examplecom": each domain has a group, and that group is assigned to each domain's folder. Each user has the group added to them, so if client_a had access to "example.com", they will have the group "examplecom".
If there is any more information needed or if something needs to be clarified, please ask.
EDIT: If anyone is curious, this is what the folder structure looks like now.
/srv/
drwxr-x--x 15 root adm 1024 Apr 30 00:54 http
/srv/http/
drwxr-x--x 4 root adm 1024 Feb 6 20:42 [site ex. example.com]
/srv/http/example.com
drwxr-x--- 2 root http 1024 Apr 30 18:06 logs
drwxrwxr-x 10 http [site group ex. examplecom] 1024 Apr 29 23:57 public_html
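The cross-site access concern in the post can be checked offline. The sketch below is an added example, not part of the original post: it applies POSIX owner/group/other rules to the three directory layouts listed above. The second site (example.net, group examplenet, user client_b) and the assumption that http belongs only to group http are constructed for illustration.

```python
# Added example: evaluate POSIX directory permissions for the post's layouts.
# Assumptions (not from the post): a second site example.net with group
# "examplenet" under user client_b; user http is only in group "http".

def class_bits(mode, owner, group, user, groups):
    """Return the single rwx triplet POSIX applies: owner, else group, else other."""
    perms = mode[1:]  # drop the leading 'd'
    if user == owner:
        return perms[0:3]
    if group in groups:
        return perms[3:6]
    return perms[6:9]

def can_access(chain, user, groups, need):
    """True if user can traverse every ancestor and has x plus `need` on the target."""
    *ancestors, target = chain
    for _path, mode, owner, group in ancestors:
        if "x" not in class_bits(mode, owner, group, user, groups):
            return False
    bits = class_bits(*target[1:], user, groups)
    return "x" in bits and need in bits

SITE = ("drwxrwxr-x", "http", "examplenet")  # public_html mode in every layout
# Chains to the *other* site's public_html; modes copied from the post's listings.
LAYOUTS = {
    "original": [("/srv/http", "drwxrwx--x", "root", "adm"),
                 ("/srv/http/example.net", "drwxrwxr-x", "http", "examplenet"),
                 ("/srv/http/example.net/public_html", *SITE)],
    "home": [("/home", "drwxrwx--x", "root", "adm"),
             ("/home/client_b", "drwxrwx--x", "root", "root"),
             ("/home/client_b/example.net", "drwxr-xr-x", "http", "examplenet"),
             ("/home/client_b/example.net/public_html", *SITE)],
    "edit": [("/srv/http", "drwxr-x--x", "root", "adm"),
             ("/srv/http/example.net", "drwxr-x--x", "root", "adm"),
             ("/srv/http/example.net/public_html", *SITE)],
}
IDENTITIES = {"http": {"http"}, "client_a": {"examplecom"}}

def audit():
    """Map (layout, user) -> (can_read, can_write) on the other site's public_html."""
    return {(name, user): (can_access(chain, user, groups, "r"),
                           can_access(chain, user, groups, "w"))
            for name, chain in LAYOUTS.items()
            for user, groups in IDENTITIES.items()}

if __name__ == "__main__":
    for key, result in sorted(audit().items()):
        print(key, result)
```

In all three layouts the other site's public_html stays readable to both identities and writable to http. The `--x` bits on parent directories block listing, not access by a known path.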