| Posted by 50dh, 04-25-2012, 06:50 AM | | Someone now how to prevent a user to execute Perl script that list all the users in the server , the script contain the code : open (d0mains, '/etc/named.conf') or $err=1; and seem to bypass all cpanel securities stuffs , any idea how to resolve this ?
|
| Posted by Patrick, 04-25-2012, 06:56 AM | | That's not a security vulnerability.
Non root users have always been able to find out every domain hosted on your server, even every email account if they are crafty. It's necessary for particular files such as named.conf to be readable. There's no way around it without breaking particular aspects of cPanel and services that use it.
|
| Posted by 50dh, 04-25-2012, 07:09 AM | | Ok thanks Patrick for the reply , so it seems not dangerous , but do you know any tips to raise some alerts when a user execute a Perl script in his account ?
|
| Posted by Mr Terrence, 04-25-2012, 07:27 AM | | Here will be a better place for assistance with this; http://forums.cpanel.net/
|
| Posted by 50dh, 04-25-2012, 07:52 AM | | Already done , this is a thread in Cpanel Forums :
http://forums.cpanel.net/f5/re-preve...nf-221352.html
|
| Posted by Steven, 04-28-2012, 03:34 PM | | It very much is dangerous if you don't implement other security fixes, but not because it can simply read named.conf. That script, I am very familiar with. It's a script that is used to blindly create symlinks to files in other accounts which make them readable through apache.
There is a big thread on cpanel forums about it along with some patches.
|
| Posted by Patrick, 04-29-2012, 06:01 AM | | This is the thread Steven is referring to:
http://forums.cpanel.net/f185/how-pr...tml#post996441
The patch does work, not sure why cPanel hasn't implemented it into EasyApache...
|
|
 Add to Favourites
 Print this Article
|
