FutureQuest, Inc. FutureQuest, Inc. FutureQuest, Inc.
Knowledgebase: Pre-Sales FAQ
Others sharing server have access to my files?
Posted on 30 April 2005 04:13 PM
Question:

I was reading an FAQ on a competitor's site that said:

"Question: I was logged into my account and when I went up one level from my home or Web directory, I could see everyone else's files!"

"Response: This is a normal and reasonable security model. Files which are published by the Web server need to be publicly accessible, as the Web server software runs without any special privileges. Your files will not be subject to modification by other users on the server unless you have set the permissions specifically to allow that, or if the files have been created through CGI scripts running as user "nobody"."

Does this same situation exist at FutureQuest, where everyone I'm sharing a server with would have read access to the files for my domains and sub-domains?

Answer:

Unfortunately, the competitor's answer that you have cited is a common answer given by *many* Unix/Linux hosts. We are proud to say that this type of ability does _not_ exist on the FutureQuest Servers because FutureQuest's own team developed a system we call "Domain Lockdown" back in 1999. Simply put, Domain Lockdown prevents users from directory browsing through all of the other accounts on the server thereby preventing them from being able to view and download content not owned by them.

As a hosting provider with a focus on security, we feel it is important to protect all accounts and file contents (which often include sensitive information such as MySQL passwords, etc) from being viewed or downloaded by everyone else with access to that server. Sadly, many other hosts do not feel the same way and it is common practice to allow such activity.

You'll find that this attention to security along with other implementations of security measures are available with FutureQuest that are not seen with other hosts... Another example of FutureQuest's work in this area is our exclusive "Secure_Mode" feature. More information on this can be viewed at:
http://www.FutureQuest.net/Safe_Mode_Off.php