Re: [OT] FTP user permissions

If you mean classic FTP, yes this is a huge security risk because the password is sent in plaintext over the wire. Nobody should be using classic FTP for anything unless there is no other option. The alternatives are ftps (SSL+classic FTP) or sftp (SSH with file-transfer subsystem). Everyone should be using sftp, and ideally connecting with an authorized_key instead of a password.

If you trust them enough to let them run scripts on the server, then presumably you trust them enough to also log into the server as the Plesk website user. In that case you can just configure sftp for that user so that they are pushing files to "sftp://website-user@webhost/htdocs/cgi" or something like that. SSH has various directory permissions that must be maintained for that to work, but should be doable. The files will arrive as the correct user, so no changes are needed to Apache.

My preferred CGI design is to have one user or group owning the files and a *different* user lacking any write permission executing the files. See if Plesk will let you configure it that way. (I've never used Plesk)

Keep in mind that you need to trust this user to also be cgi-savvy and not open any security holes of their own! The old CGI pattern of doing things where a directory contains a mixture of code and static content and is writable as the user executing the script has a long track record of vulnerabilities. There's a reason everyone moved to application frameworks deployed in containers from version control.

Comment on Re: [OT] FTP user permissions

Replies are listed 'Best First'.
Re^2: [OT] FTP user permissions by Bod (Parson) on Dec 16, 2024 at 21:57 UTC
Everyone should be using sftp Unfortunately, Plesk only allows SFTP for the system user. When an FTP account is created in Plesk, it doesn't seem to create an account in the normal way. It appears to be some kind of alias. When I use `id username` I do not get `username:username` but instead the sub account and a Plesk defined group. Instead, I have tried creating an SFTP account manually which works and gives access to the entire server. When I restrict access using a `Match` command in `/etc/ssh/sshd_config`, it goes back to being read only.	[reply] [d/l] [select]
Re^3: [OT] FTP user permissions by NERDVANA (Priest) on Dec 19, 2024 at 02:41 UTC
The manual option requires fiddling with some permissions on a normal OpenSSH system. Here're the relevant bits for the servers I manage: /etc/ssh/sshd_config `AllowGroups ... ssh-ftp-only ... ... Match Group ssh-ftp-only ChrootDirectory %h ForceCommand internal-sftp -d upload PermitTTY no` [download] Then add your user to that group, and set their shell to `/usr/local/sbin/scponlyc` if available. Then you need these permissions on their home directory: `drwxr-x--- 5 root user 4096 Jun 12 2017 /home/user/ drwx------ 2 root root 4096 Nov 7 2016 /home/user/.ssh drwxr-xr-x 2 user user 4096 Feb 27 2020 /home/user/upload` [download] This is because letting them modify their own .ssh directory or create a /lib directory within their chrooted home would also let them escape the chroot, so ssh checks for those cases before letting them write anything. When they connect, the current directory will be the chroot's /upload directory, and that will be the only directory they can write.	[reply] [d/l] [select]
Re^3: [OT] FTP user permissions by afoken (Chancellor) on Dec 17, 2024 at 09:36 UTC
Unfortunately, Plesk only allows SFTP for the system user. When an FTP account is created in Plesk, it doesn't seem to create an account in the normal way. It appears to be some kind of alias. When I use id username I do not get username:username but instead the sub account and a Plesk defined group. What a mess. For me, that alone would be an argument not to use Plesk. Alexander -- Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)	[reply]
Re^4: [OT] FTP user permissions by Bod (Parson) on Dec 29, 2024 at 00:33 UTC
What a mess. For me, that alone would be an argument not to use Plesk For many years, I struggled with shared hosting. Much as I knew I really needed a better solution (read VPS) I was very concerned that having full access could easily mean I could break something! Also, if something is wrong, it's down to me to fix it... The move was forced on me when UK2 changed away from cPanel and broke every one of our sites because they stopped Perl working in the manner it previously was. So we decided to move, and over a weekend, I worked continuously to move all our essential production sites to a VPS. That VPS comes with Plesk. Although I could use a different management platform, it seems easier to use the one they provide. We don't currently have the luxury of a staging or test server so whatever I do has to be done without risking our production environment... There are two major issues that I haven't been able to sort out. FTP access and `.htaccess` files - as soon as I enable `RewriteEngine On` I get a 403 error, so we have lost all our SEO friendly vanity URLs. If my Linux knowledge was good enough, or I thought I could get it good enough, I might drop Plesk and configure the server manually but that's not an option.	[reply] [d/l] [select]