Good day.
For a long time I have kept a virtual machine for my small projects. Since I do not use its resources at 100%, I decided not to be greedy and let a few friends host their sites on it. There are not many sites and I do not charge for hosting, so I decided that installing something like cPanel would be overkill. Besides, I am one of those people who prefer to configure everything by hand. I chose the following structure:
/home/hostuser/vhosts/sitename.ru/{tmp,web,logs}
And then the question arose: how do I prevent the user from deleting or renaming the folders inside sitename.ru? If the web folder is missing, both apache and nginx issue a warning but still start. If, however, the logs folder is deleted or moved, apache and nginx will not start at all because of the error (rather strange behaviour, in my opinion). The hostuser folder is owned entirely by this user and his personal group (hostuser:hostuser), which means that, if he wishes, he can delete any folder or file inside it, even one that belongs to the superuser. So how do we prevent deletion or moving, so that the user does not (by accident or on purpose) break the whole hosting setup?
After a short search, a solution was found. In addition to the standard permissions and ACLs, file systems such as ext2, ext3 and ext4 allow additional attributes to be set on a file. You can read about all the attributes on the Wiki or in man chattr. The one we are interested in is the immutable attribute. It can be set on a file or folder only by the superuser. If you assign the immutable attribute to a file, that file cannot be modified or deleted (even the superuser cannot do so until he removes the attribute). If you assign the immutable attribute to a folder, the folder cannot be deleted and the structure inside it (its entries) cannot be changed. So, if we need to protect the sitename.ru folder and the structure inside it, we only need to run one simple command:
chattr +i /home/hostuser/vhosts/sitename.ru
To remove the attribute, use the -i flag.
If you only need to protect one folder (for example, logs), you can do the following:
touch /home/hostuser/vhosts/sitename.ru/logs/.keep
chattr +i /home/hostuser/vhosts/sitename.ru/logs/.keep
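An added example, not from the original post: a POSIX shell script that applies the chattr +i approach above to every site directory under a hosting user's vhosts root and then audits the result by parsing lsattr -d output, so that a site directory that has lost the flag (for example after someone removed it and forgot to put it back) is reported. The layout and the /home/hostuser/vhosts path are the post's; the function names are my own.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the post's layout
# /home/<user>/vhosts/<site>/{tmp,web,logs} on an ext2/3/4 filesystem
# where chattr/lsattr work; protect_all needs root, audit_all does not.

# Return 0 when an `lsattr -d` output line carries the immutable flag.
# The first field is the attribute string, e.g. "----i---------e-------".
flags_have_immutable() {
    flags=${1%% *}                 # text before the first space
    case "$flags" in
        *i*) return 0 ;;           # lowercase i = immutable (I = indexed dir)
        *)   return 1 ;;
    esac
}

# Print each <site> directory under a vhosts root, one per line. These
# are the targets of the post's `chattr +i`; with +i on them, the folders
# inside (tmp, web, logs) cannot be deleted or renamed either.
protected_dirs() {
    for site in "$1"/*/; do
        [ -d "$site" ] && printf '%s\n' "${site%/}"
    done
    return 0
}

# Apply the post's protection to every site directory (run as root).
protect_all() {
    protected_dirs "$1" | while IFS= read -r dir; do
        chattr +i "$dir" || printf 'failed: %s\n' "$dir" >&2
    done
}

# Audit: print each site directory that is not immutable (or whose
# attributes cannot be read) and return 1 if there were any, else 0.
audit_all() {
    bad=$(protected_dirs "$1" | while IFS= read -r dir; do
        line=$(lsattr -d "$dir" 2>/dev/null) \
            || { printf 'UNREADABLE %s\n' "$dir"; continue; }
        flags_have_immutable "$line" || printf 'MUTABLE %s\n' "$dir"
    done)
    [ -z "$bad" ] && return 0
    printf '%s\n' "$bad"
    return 1
}

# Usage: protect_all /home/hostuser/vhosts      (once, as root)
#        audit_all   /home/hostuser/vhosts      (e.g. from cron)
```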
In effect, this gives you foolproofing that works even against someone with superuser rights.
Thank you for your attention.
Attention! It is important to understand that this article is not about information security. A lock on a mailbox is information security. The glass over a fire alarm button is foolproofing.
If you create a .keep file and give it the immutable (i) attribute, the folder itself can still be moved, and the file moves along with it. What you cannot do is delete the file itself or the chain of folders leading to it.
If you need a more reliable level of protection, combine the immutable attribute with mount --bind. With that combination you can set up protection against intentional changes to the structure.