Issue Composer Not Found PHP

[Peter Debik]

Actually, the most secure option is the chrooted shell. This jails the user to his own webspace. A webspace user should not be able to access anything outside of his own webspace. If you provide full access through another shell type, hackers will use this opportunity to install malware on your server. This will occur through unsecure or malicious plugins of the website software. Enabling full shell access can also lead to a total desaster as that user can then remove files and directories.

 

[LuigiMdg]

Ok, so I set up chroot, as I guessed, and then use the su command to log into root.
But at this point, couldn't hackers do the same?

 

[Peter Debik]

You cannot use a chroot shell to escalate to root.

 

[LuigiMdg]

You cannot use a chroot shell to escalate to root.

Sorry but I think you are confusing the other thread.
Here I don't need a limited user, but a user that replaces the root user, so that I can disable root access.

 

[Peter Debik]

When you login to a shell from within a subscription, your user account that logs in is the subscriber. When you chroot the environment, the subscriber is jailed to the subscription. The subscriber cannot escalate privileges to root.

 

[LuigiMdg]

Ok and here we are, but maybe you don't understand me?
I need to disable root, so first I need to create a user from which I can use the su command........

 

[Maarten]

I suggest adding a new user using the Linux commands:
# adduser anotheruser

Next, set a password:
# passwd anotheruser

And add the new user to the wheel group that allows the user to su to root:
# usermod -aG wheel anotheruser

That should be enough to ssh to the server with the new user and become root.