Community Forums
Connect with us on LinkedIn
Community Notice
How to protect from perl scripts?
  
+ Reply to Thread
Results 1 to 3 of 3
  1. 11-22-2005 08:50 PM #1
    gvard
    gvard is offline
    cPanel Partner NOC cPanel Partner NOC Badge
    Join Date
    Dec 2003
    Location
    Athens/GREECE
    Posts
    166
    cPanel/Enkompass Access Level

    DataCenter Provider
    Send a message via ICQ to gvard Send a message via MSN to gvard

    Default How to protect from perl scripts?

    Greetings from Greece,

    I've been watching the forum for over a year now and I've:

    1) mounted /tmp with no executable rights
    2) chmoded wget to 700

    Of course I've added many other security measures (hired a technician, APF, etc).

    My question is the following: I saw last night a script which was run as "perl script.txt", which executed some code (which didn't have any success).


    How do we prevent users from running exploits via "perl -exploit-" command? Is there any way to disable the command "perl" for user "nobody" in the /tmp and /dev/shm folders?
    Sincerely,

    George Vardikos
    HyperHosting Internet Services
    Reply With Quote Reply With Quote
  2. 11-23-2005 10:53 AM #2
    dropby23
    dropby23 is offline
    Member
    Join Date
    Jan 2005
    Posts
    159

    Default

    you should use a kernel based solution like gr-security or search more about posix acl's
    Reply With Quote Reply With Quote
  3. 11-23-2005 11:49 AM #3
    chirpy
    chirpy is offline
    Super Moderator This forum account has been confirmed by cPanel staff to represent a vendor. chirpy's Avatar
    Join Date
    Jun 2002
    Location
    Go on, have a guess
    Posts
    13,495

    Default

    Generally speaking, though, there's little that you can realistically do as most measures are easily bypassed - such are the risks with shared web hosting. Your best efforts are probably to make sure that you don't have vulnerable scripts installed on the server (in particular php scripts since you're talking about them running under the nobody account) and installing mod_Security and using a good set of filters.
    Jonathan Michaelson

    Need your cPanel servers secured and tuned?
    cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
    Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
    http://www.configserver.com
    Reply With Quote Reply With Quote
«   Procmail alternative? | PHP cli upgrade »     
Similar Threads & Tags
Similar threads

  1. [absolute newbie] Automate account/popbox creation using /scripts perl scripts ?
    By PaulBBonline in forum New User Questions
    Replies: 2
    Last Post: 10-26-2009, 08:28 AM
  2. Perl Scripts...
    By MethOd63 in forum cPanel and WHM Discussions
    Replies: 2
    Last Post: 05-13-2008, 01:24 AM
  3. Perl Scripts Not work
    By 0xyGens in forum New User Questions
    Replies: 7
    Last Post: 04-19-2007, 01:35 PM
  4. Perl scripts not working
    By welo in forum cPanel and WHM Discussions
    Replies: 2
    Last Post: 09-21-2005, 08:36 AM
  5. MySQL 4 and Perl scripts
    By phpscott in forum cPanel and WHM Discussions
    Replies: 1
    Last Post: 04-16-2003, 02:21 PM
Linkedin       Facebook       Twitter       RSS       Flickr       YouTube