Why fresh Virtualmin does allow to browse files for all users from the beginning?

6 posts / 0 new
Topic locked
Last post
#1 Sat, 10/07/2017 - 04:30
sekijr

Why fresh Virtualmin does allow to browse files for all users from the beginning?

Ok... I installed new Debian 9. After that I installed Virtualmin from the installation script.

My big, BIG question is: Why going through default installation and only changing MySQL server's RAM usage from 2GB to 256MB it allows the very first user to read directories such as /etc, /var? Why does it have to be turned on by default and WHY for the sake of security it is not set up correctly?

I would like to finally solve this problem once and forever so please guide me WHAT OPTION do I skip when doing default installation so the first user (domain that I park in Virtualmin) won't be able to browse server files! And please fix that cause it wasn't happening 7 years ago when I started to use Virtualmin.

Sat, 10/07/2017 - 04:50
Joe
Joe's picture

My big, BIG question is: Why going through default installation and only changing MySQL server's RAM usage from 2GB to 256MB it allows the very first user to read directories such as /etc, /var? Why does it have to be turned on by default and WHY for the sake of security it is not set up correctly?

What does MySQL have to do with your question?

And, to the best of my knowledge, Linux permissions work correctly, and there are no known security vulnerabilities in the Linux kernel's implementation of permissions and ownership. If your virtualmin domain owner users can modify or read any sensitive file on the system, please report it.

I would like to finally solve this problem once and forever so please guide me WHAT OPTION do I skip when doing default installation so the first user (domain that I park in Virtualmin) won't be able to browse server files!

The defaults for user access in Virtuamin are as follows:

  1. File Manager - Domain owners are placed in their home directory, and by default have no access outside of it.
  2. FTP - Domain owners are chrooted into their home directory and by default have no access outside of it. Users with FTP access may login via FTPS (FTP with TLS encryption), SFTP (FTP over SSH on port 2222), or FTP.
  3. SSH - Domain owners are restricted by normal UNIX permissions. They can see outside of their home, but cannot modify files they do not own (as UNIX systems have done for longer than most of use have been alive). You may, if you wish, enable chroot jails for these users.

We recommend you give very untrusted users no ssh access (i.e. just give them FTP/File Manager access by setting their default shell to /bin/false). But, if you do want users to have ssh access, but you don't trust UNIX permissions, you can enable chroot jails for ssh. It's found in Server Templates->$templatename->Administration User->Chroot jail new domain Unix users?

"And please fix that cause it wasn't happening 7 years ago when I started to use Virtualmin."

I don't think you'd want us to go back to the way it was seven years ago. The default back then for all services was to use UNIX permissions for everything including FTP and the file manager. It required configuration changes to chroot those services, and it required quite a bit of configuration to enable ssh jails. We only automated ssh jails and started including it in the default installation in Virtualmin 6.

--

Check out the forum guidelines!

Sat, 10/07/2017 - 05:36
sekijr

I merely just said that DURING the installation I am changing only one setting - which is MySQL.

All I needed is a default setting where when installed out-of-the-box should be the highest security, isn't? After all when you want to enable something that lowers your security it's is entirely your choice as an admin, right? But by default it should be the highest security and it is not in my opinion... -_-

Sat, 10/07/2017 - 06:21 (Reply to #3)
adelphia
adelphia's picture

I've installed WM and VM on a couple of machines now on several occasions (only as I'm still learning it and not because of issues). You did start with a VIRGIN install of the OS didn't you? I mean, you hadn't installed any LAMP or anything like that PRIOR to installing WM/VM?

Chris: Adelphia Interactive
Desktop: Windows 10 Pro x64
Server: Ubuntu 16.0.4.2LTS
Webmin/Virtualmin: Latest (daily updates)

Sat, 10/07/2017 - 08:30 (Reply to #4)
sekijr

Of course. Always naked OS and the only thing I installed was mc.

Sat, 10/07/2017 - 18:22 (Reply to #5)
Joe
Joe's picture

That's the thing I'm trying to express: chroot jails for ssh users is not a security feature. You don't have a more secure system with ssh jails enabled. Some people prefer it, but it is not more secure.

Oh, and there is no option for it during install, but I think you can do the following to turn it on immediately after install:

# sed -i 's/defujail=0/defujail=1/' /etc/webmin/virtual-server/config

And, restarting Webmin.

Oh, actually it looks like there's a virtualmin command for it, too.

# virtualmin modify-template --id 0 --setting ujail --value 1

That's probably the better choice. (Note --id is the template ID, and 0 is for the default template...if you have more templates, you'd want to alter those, too.)

--

Check out the forum guidelines!

Topic locked