By default, the “/bin/bash (chrooted)” shell is configured as the
default shell for scheduled tasks. This makes it so that commands run by
scheduled tasks only have access to the files contained within the
webspace associated with the subscription. This is an important security
measure that ensures that customers cannot use scheduled tasks to
disrupt the operation of the server or access files belonging to the
Plesk administrator or to other customers.
Note: This setting affects all subscriptions on the server, including those
owned by the Plesk administrator. It does not affect the scheduled
tasks created by the Plesk administrator in Tools &
Settings > Scheduled Tasks that are configured to run under the
root user.
The main reason you may want to change the default shell for scheduled
tasks is to give everyone on the server the ability to run commands via
scheduled tasks that have access to the whole file system of the server.
If you are not sharing the server with anyone, or if you trust the other
tenants, you can select a non-chrooted shell for
scheduled tasks. If you want to use a non-chrooted shell for scheduled
tasks but are unsure which one to choose, select “/bin/bash”.
On a shared hosting server, we recommend leaving the default shell for
scheduled tasks set to “/bin/bash (chrooted)”. If one of your
customers requires a non-chrooted shell for his or her scheduled tasks,
you can grant it on a subscription per
subscription basis.
Warning: Granting a customer access to any other shell than
“/bin/bash (chrooted)” gives them the ability to execute binaries
and access files and data that do not belong to them. This is a
security risk and may lead to the server being compromised.