This file is indexed.

/etc/sbox/sbox.conf is in sbox-dtc 1.11.7-1build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# SBOX configuration file
# This file let you set different limits of the sbox cgi-bin wrapper
# Toggles can have values of On/Off, 1/0, Yes/No
# Variable names are set to CASE_INSENSITIVE

#******************* UID/GID CONFIG ******************#

# user that the Web server runs as
web_user dtc

# group that the Web server runs as
web_group dtcgrp

# allows scripts to be executed if owned by WEB_USER or WEB_GROUP
allow_web_owned_scripts Off

# lowest UID that we will suid to
uid_min 100

# highest UID that we will suid to
uid_max 65535

# lowest GID that we will sgid to
gid_min 100

# highest GID that we will sgid to
gid_max 65535

# Determine whether to use the ownerships of the script or the _directory_
# that the script is found in for the SUID/SGID IDs. If off, it will use
# the UID/GID of the script, if On, it will use the directory UID/GID
sid_mode_directory Off

#******************* PATH CONFIG ******************#

# If set to on, then the user's script will have limited access to
# only the paths defined in safe_path
use_safe_path Off

# SAFE_PATH -- this is the path that will be placed in the environment.
# Script will be running chroot to the user's home directory, so these 
# directories may not be available.
safe_path "/bin:/usr/bin:/usr/local/bin"

# LOG_FILE  -- log what sbox does.  If undefined, won't log.
#              If an empty string, logs to standard error.
log_file "/var/log/sbox.log"

# To help debugging, you might want to print the environment
# variables on sbox.log. To do so, set to "on" bellow.
do_log_envvars Off

# ECHO_FAILURES  -- If set to 1, will echo fatal error messages
#              to the browser.  Set to FALSE to inhibit error messages.
echo_failures On

#******************* CHROOT CONFIG ******************#

# DO_CHROOT -- if set to 1, sbox will
# do a chroot to the user's home directory.
do_chroot On

# ROOT
# Directory to which sbox will chroot(), relative to the author's
# document root.
root ".."

# CGI_BIN
# Directory in which users' executables must reside, relative to their
# document root.  For best results, this must be contained within ROOT.
#cgi_bin "../cgi-bin"
cgi_bin "../html"


# DO_SUID and DO_SGID -- if set to 1, sbox
# will SUID and/or SGID to the user and group ownership of
# the _directory_ in which the target script is found
do_suid Off
do_sgid Off

#******************* RESOURCE LIMITS ******************#
# Soft limits can be increased by the application.  Hard limits cannot be
# changed.

# Whether or not you want to set limits at all.
# If your sytem does not have <sys/resource.h>, then you will
# need to set this to 0.
set_limits On

# priority
priority 10

# maximum CPU time in seconds
limit_cpu_hard 1200
limit_cpu_soft 100

# maximum size of a single file that can be created (blocks) * 1024
limit_fsize_hard 204800 # This is 200MB
limit_fsize_soft 102400 # This is 100MB

# maximum amount of in-memory data * 1024
limit_data_hard 81920 # This is 80MB
limit_data_soft 10240 # This is 10MB

# maximum stack size * 1024
limit_stack_hard 81920 # This is 80MB
limit_stack_soft 10240 # This is 10MB

# core dump size * 1024
limit_core_hard 0 # 0 = don't allow core dumps
limit_core_soft 0 # 0 = don't allow core dumps

# maximum memory ("resident set") usage * 1024
limit_rss_hard 81920 # This is 80MB
limit_rss_soft 20480 # This is 20MB

# max number of processes script can spawn
limit_nproc_hard 2560
limit_nproc_soft 320

# max number of open file descriptors
limit_nofile_hard 2560
limit_nofile_soft 320

# PHP interpreter path
php_path "/usr/lib/cgi-bin/php"

# Python interpreter path
python_path "/usr/bin/python"

# Perl interpreter path
perl_path "/usr/bin/perl"

# Ruby interpreter path
ruby_path "/usr/bin/ruby1.8"