With the integrated FileBrowser in Virtualmin/Webmin and via FTP all works perfectly. The user can see only his folder.
But what happens if a user upload with FTP a PHPFilebrowser, his own File Browser or something like this. In my case he can browse through the whole file system and can see password etc.
They only have what permissions are granted to them by the Linux permissions scheme, which certainly isn’t going to allow them to view passwords (unless the passwords are stored in a world readable file, which is not the default).
Sensitive information should not be world readable. If in looking around, you feel otherwise, you’re certainly able to tweak the permissions on the various files.
By default, though, files that shouldn’t be readable by everyone aren’t set to be world readable.
Check to see if your web based FTP client gives you the ability to limit user’s access to only their home folder’s. In the past I have used net2ftp which has the ability to limit access to only home folders. You can also chroot (jail) a user into his home folder. This is what I have done for some of my user’s. My preferred way to limit access. But having said that I also want to point out chrooting is being discourage by Virtulamin’s developer Joe Cooper. You can search the forum as to why then make your own decision.
The virtualmin “File Manager” option gives users access to the complete filesystem as root. I can download /etc/shadow and see the contents. Shouldn’t this be restricted to the normal filesystem permissions the user normaly has?
The virtualmin “File Manager” option gives users access to the complete filesystem as root.
Hrm, I’m not seeing anything like that on my system. I just tested as a normal user, and the filemanager goes as far as preventing me from seeing anything other than my homedir.
Are you certain that the user in question doesn’t have sudo access, or otherwise isn’t considered a Master Admin?
when I log in as the user I can browse the complete filesystem and see all files.
When you say “log in as the user” – what are you referring to there, logging in over SSH? SSH doesn’t restrict users to a directory like FTP can, but you’d never be allowed to view a file that the filesystem permissions didn’t allow.
So if you can log in over SSH as a given user, and view the shadow file, that means that user, for whatever reason, has rights to see the shadow file
You may want to view the file permissions in question, as well as review the rights and groups of the user.
Sorry, what i meant is when I log in to virtualmin as the actual virtualmin user I can browse all files with the file manager. When I log in with SSH as the virtualmin user I can only see the files which I have permission for. I’m 100% sure the file and user permissions are correct, the file manager is running with root permission.
Sorry, what i meant is when I log in to virtualmin as the actual virtualmin user I can browse all files with the file manager. When I log in with SSH as the virtualmin user I can only see the files which I have permission for. I’m 100% sure the file and user permissions are correct, the file manager is running with root permission.
Alright, well, I can’t seem to reproduce the issue you’re seeing on any of my systems.
I’d be happy to look into that further, but to do so, I’d need to login to your system both as your test user who can see the shadow file, as well as root, in order to review the various permissions and settings in play.
If that’s okay, you can send me the login information for root and your test user via email using eric@virtualmin.com, and I’ll take a look.