Using Composer In Jailed SSH
Hello.
I was searching for keywords "composer jailed ssh" on this forum and return no result.
Due to my developer-friendly/oriented environment setup, I plan to give my shared hosting users a Jailed SSH + ! Almost every major exploit that I can think of in recent years for Linux, could have been done via a cron job, PHP, CGI (Perl), and Python to name a few. While yes, disabling SSH access does make it a tiny bit harder for an attacker to compromise your server... even a moderately experienced script kiddie would then try to run the exploit via PHP or a CGI to get around the lack of SSH access.
Thank you.
-
Hello, You may find the following CloudLinux links helpful: CageFS - Does it matter if user has Jailed or Regular shell? Thank you. 0 -
Hello, You may find the following CloudLinux links helpful: Jailed Shell + SSH key + Alternate SSH Port +
0 -
Hello, It looks like the second link wasn't loading properly. I've corrected my previous post to fix that: CageFS - Does it matter if user has Jailed or Regular shell? This should answer your question about normal shell versus jailed shell with CageFS. Thank you. 0 -
Hello. [quote]Inside CageFS jailshell acts same as regular shell -- as it has no real reason to exist. CageFS already provides \"jailed\" environment.
CloudLinux always create inter-marriage problems and reinvent the wheel like PHP selector vs EasyApache4 now CafeFS vs WHM Jailed SSH Tweak. That's why I got confused. I think I get it now, you can mark this thread as solved. Cheers! Thank you.0
Please sign in to leave a comment.
Comments
4 comments