This is why I say that it can stop stealing other users' data via shell or cgi.Originally posted by jamesbond
I don't think I quite follow what it is supposed to do then.
If you don't run phpsuexec, people can still use php scripts to snoop around, as user nobody, in other users' directories, right?
cPanel.net Support Ticket Number:
You can use "php open_basedir Tweak" to avoid bad php scripts.
cPanel.net Support Ticket Number:
That script is only chmoding the existing user directories 711. It's not chowning or chmoding the existing public_htmls to owner.nobody 750. Is there a separate script to do that?Just the scriptOriginally posted by mmkassem
Do I have to recompile apache or just use:
/scripts/enablefileprotect
?
Originally posted by goodmove
Just the script
That script is only chmoding the existing user directories 711. It's not chowning or chmoding the existing public_htmls to owner.nobody 750. Is there a separate script to do that? [/QUOTE]
pico /scripts/enablefileprotect
You will see at the bottom:
chmod 0711, $homedir;
chown $useruid,$httpgid, "${homedir}/public_html";
chown $useruid,$httpgid, "${homedir}/public_html/_vti_pvt";
chmod 0750, "${homedir}/public_html";
try to update the scripts (/scripts/updatenow)
cPanel.net Support Ticket Number:
You can now reverse the changes that /scripts/enablefileprotect makes with a new script that they just added called /scripts/disablefileprotect.
It was causing the majority of our cgi scripts to stop working. But after running the disabler all was well.
cPanel.net Support Ticket Number:
LinkBack URL
About LinkBacks
Reply With Quote