Sales:  800-573-7846 or Live Chat


KnowledgeBase Home | Contact | Glossary KnowledgeBase Home | Contact | Glossary
Search the KnowledgeBase Browse by Category
Article Details

Last Updated
30th of November, 2011

User Opinions (10 votes)
80% thumbs up 20% thumbs down

How would you rate this answer?
Not helpful

Jailshell is a level of shell (SSH) access that is easily implementable in cPanel. You can switch an account's shell access in WHM by navigating to Manage Shell Access, under the Account Functions header.

The way this level of access works in cPanel is that it creates a virtual file system for the shell user that only contains their own files and enough system files to perform basic system commands. For example, if you were to log into a jailshelled user, the only files you can view and edit are the files owned by that user in the /home/username directory. You can change directories to a virtual filesystem above that, but it only contains certain files, not the whole list expected if you were the root user.

-jailshell-3.2$ pwd
-jailshell-3.2$ ls
bin checkvirtfs dev etc generic home lib opt proc tmp usr var

As opposed to:

root [/]# pwd
root [/]# ls
./ .autofsck .gnupg/ .spamassassin/ aquota.user@ boot/ etc/ lib/ mnt/ proc/ sbin/ selinux/ sys/ usr/
../ .autorelabel .rnd bin/ dev/ home/ media/ opt/ root/ scripts/ srv/ tmp/ var/

The jailed shell filesystem only contains the files relevant to the user, and files that would normally contain more information only contain info that pertain to that user. For example, the /etc/localdomains file, which is owned by root:root but has world readable permissions, only shows:

-jailshell-3.2$ cat localdomains

Where as it shows all localdomains as the root user:

root [/]# cat /etc/localdomains

This limits the user with jailshell access to only modifying his or her files and the limited number of files necessary to perform any shell commands that he or she may need to do.

No attachments were found.