Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Any user can run /scripts ??

Discussion in 'General Discussion' started by dexus, Jan 10, 2009.

  1. dexus

    dexus Well-Known Member

    Joined:
    Jan 14, 2006
    Messages:
    170
    Likes Received:
    0
    Trophy Points:
    166
    cPanel Access Level:
    Root Administrator
    I just noticed that any user can execute files from /scripts folder, because they have attributes set to 0755/-rwxr-xr-x

    Why?
     
  2. rhenderson

    rhenderson Well-Known Member

    Joined:
    Apr 21, 2005
    Messages:
    785
    Likes Received:
    1
    Trophy Points:
    166
    Location:
    Oklahoma
    cPanel Access Level:
    Root Administrator
    They are set to 0755 so they can be executed but they are owned by root so root can execute them, nor just anyone.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. dexus

    dexus Well-Known Member

    Joined:
    Jan 14, 2006
    Messages:
    170
    Likes Received:
    0
    Trophy Points:
    166
    cPanel Access Level:
    Root Administrator
    No, those files have attributes set to 0755, that last number 5 mean that "Everyone can Read/Execute" so everyone can read and execute those files. I even tried to run those files as regular user and of course I can... Luckly most of those scripts open some other files that regular users don't have permission to read so most of those scripts are not working because of that, but I don't know are there maybe some of them that will maybe work, so I am just wondering why they have "Everyone" attribute set to "Read/Execute"
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice