Shared hosting with SSH -- how to?
Posted: Thu Aug 07, 2008 2:27 am
My shared host offers me "limited" SSH access...while tinkering around the other day I realized how limiting they are when I tried to carry out some actions...none worked really.
I can't remember whaat I tried to do but the only thing I got working was untar-files, etc...
Once they have given me shell access...how do they prevent me from executing certain actions like...apt-get or others? Do they remove those tools completely? Do they creat proxy shell scripts to filter allowable input and execute the command that way?
Obviously I was unable to rm -R any files which were not mine (user: hockey) and everything inside my docroot was mine so only that was deleted. The root directory itself was 'root'.
How can you assign permissions for the various binaries on a typical web server? What are some of the ways of offering limited shell access to a system, short of removing the binary completely or setting execute permissions for only "some" binaries?
Would that proxy shell script actually work? That was just an idea that popped into my head I have no idea if it's effective or not.
I'm trying to mostly figure out why shared hosting would be so limited and virtual so much more flexible and of course dedicated allowing entire control of the system, even reboot, which I dought VPS would allow.
I can't remember whaat I tried to do but the only thing I got working was untar-files, etc...
Once they have given me shell access...how do they prevent me from executing certain actions like...apt-get or others? Do they remove those tools completely? Do they creat proxy shell scripts to filter allowable input and execute the command that way?
Obviously I was unable to rm -R any files which were not mine (user: hockey) and everything inside my docroot was mine so only that was deleted. The root directory itself was 'root'.
How can you assign permissions for the various binaries on a typical web server? What are some of the ways of offering limited shell access to a system, short of removing the binary completely or setting execute permissions for only "some" binaries?
Would that proxy shell script actually work? That was just an idea that popped into my head I have no idea if it's effective or not.
I'm trying to mostly figure out why shared hosting would be so limited and virtual so much more flexible and of course dedicated allowing entire control of the system, even reboot, which I dought VPS would allow.