cc - should I chmod it to 000?

**hostito** · 05-21-2003 09:46 AM

I was thinking of chmoding all my *cc* binaries to 000 to protect against hacks, but I fear that this could break some of the cpanel functions.

I read that this:

1. Make a different /tmp partition.
2. via fstab, ensure that you have nosuid,nodev for /tmp.
3. chmod 000 /usr/bin/*cc*

Tends to prevent most hacks.

Does any one have any suggestions or tips from experience reagrding this?

Thanks

cPanel.net Support Ticket Number:

**Kyle** · 05-21-2003 04:11 PM

You will need to chmod 700 /usr/bin/*cc* to update cpanel (if i remember correctly), just chmod 000 /usr/bin/*cc* afterwards.

cPanel.net Support Ticket Number:

**casey** · 05-21-2003 07:51 PM

Actually, updating cpanel works fine for me with 000 permissions. It's installing perl modules or whathaveyou that needs the 700 permissions.

cPanel.net Support Ticket Number:

**Juanra** · 05-21-2003 08:27 PM

/usr/bin/*cc* isn't just compilers btw.

cPanel.net Support Ticket Number:

LinkBack

Thread Tools