Announcement Announcement Module
Collapse
No announcement yet.
CageFS installation Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • CageFS installation

    About CageFS:
    =========
    CageFS is a virtualized file system which enables each user to have its own cage. Each customer will have its own fully functional CageFS, with all the system files, tools, etc...

    The benefits of CageFS are:
    ================
    1. User will not be able to see server configuration files, such as Apache config files.
    2. User won’t be able to see other users’ files and won’t be able to detect the presence of other users and their usernames on the server.
    3. Users will have limited view of /proc system and won’t be able to see other users’ processes
    4. Will prevent from symlink attacks.
    5. Only safe binaries are available to users

    Eventhough all users are in cage, they won’t feel that they’re restricted. CageFS will cage any script execution done via Apache, LiteSpeed, Cronjobs, SSH etc.


    To install CageFS:
    ===========
    $ yum install cagefs
    $ /usr/sbin/cagefsctl --init

    That last command will create skeleton directory that might be around 7GB in size. If you don't have enough disk space in /usr/share, use following commands to have cagefs-skeleton being placed in a different location:

    $ mkdir /home/cagefs-skeleton
    $ ln -s /home/cagefs-skeleton /usr/share/cagefs-skeleton

    On cPanel servers, if you will be placing skeleton into /home directory, you must configure the following option in:

    cPanel WHM -> Server Configuration -> Basic cPanel/WHM Setup -> Basic Config -> Additional home directories

    Change the value to blank (not default "home")

    Without changing this option, cPanel will create new accounts in incorrect places.
Tag Cloud Tag Cloud Module
Collapse
Working...
X