Every customer with ssh access can access /etc
and there are so many more pressing issues at hand!
Thank you very much for your enlightenment!
Hehehe… You’ve gotten the wrong point from matti’s post, Renato!
He was telling you that your concerns are misplaced–these are not the security issues you believe them to be. UNIX permissions have been serving us well on multi-user systems for over 30 years. As long as you, as the root user, don’t do something stupid with sensitive data, it’s perfectly safe for your users to be able to look around the filesystem.
Everything that is sensitive, like passwords, for example, is encrypted and unreadable by normal users in the /etc/shadow file.
The other point matti was making was that even if you chroot your ssh users (removing privilege separation features from ssh, among other security features), they can STILL see anything on the system as long as they can run scripts via the web server. This is as true on cPanel as it is on any other system running a web server with script execution. Just think it through–Apache runs scripts as the user. There are dozens of “shell in a browser” scripts out there…install any one of them, and you have “access” to everything, just like you do via ssh. We must rely on UNIX security to protect those files from malicious intent (cPanel also must rely on UNIX security for this–just because an ssh login can’t see it, if the account allows arbitrary scripts to be installed, this capability exists).
So the two points matti was making are:
1. cPanel is giving you an illusion of security by chrooting your ssh logins. It is merely an illusion. The real security comes from a combination of UNIX permissions, OpenSSH having a good security history, privilege separation in OpenSSH (which chrooting it removes from the equation, taking away one of the real security features and replacing it with an illusory one), and SuExec in the webserver.
2. cPanel does not prevent your users from seeing those files any more than Virtualmin does. It just chroots ssh. The user still has everything they need to see those files, if they can run scripts via the web server (and if the user needs and warrants having ssh, he’s definitely a user that is demanding arbitrary script installation and execution).
In short, don’t panic. We’ve been letting untrusted users poke around in /usr and /etc for over 30 years, and the world has not ended. This is the UNIX security model. Don’t fight it. Everything will be fine.
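The reply above rests on file permissions being set correctly, and that can be checked. The following is an added example, not part of the original thread: a Python audit that walks a tree such as /etc and reports world-writable files and world-readable copies of credential files. The list of sensitive names and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumed policy for this example: base names that "other" must never be able to read.
SENSITIVE_NAMES = {"shadow", "gshadow", "sudoers"}

def is_sensitive(name):
    """Match a credential file or a copy of it (shadow-, shadow.bak, ...)."""
    return name.rstrip("-").split(".")[0] in SENSITIVE_NAMES

def audit_tree(root):
    """Return sorted (path, mode, problem) findings for regular files under root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                findings.append((path, oct(mode), "world-writable"))
            if mode & stat.S_IROTH and is_sensitive(name):
                findings.append((path, oct(mode), "world-readable sensitive file"))
    return sorted(findings)

def demo():
    """Audit a constructed /etc-like tree built in a temporary directory."""
    samples = {              # constructed sample files and modes
        "passwd": 0o644,      # world-readable by design, holds no hashes
        "shadow": 0o640,      # correct: no access for "other"
        "shadow.bak": 0o644,  # careless root-made copy
        "motd": 0o666,        # anyone can rewrite it
    }
    with tempfile.TemporaryDirectory() as root:
        for name, mode in samples.items():
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)  # exact mode, independent of umask
        return [(os.path.relpath(p, root), m, why) for p, m, why in audit_tree(root)]

if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep="\t")
```

Run as root against a real tree with `audit_tree("/etc")`; an empty result means none of the checked conditions were found, not that the host is otherwise hardened.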