The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CloudLinux update for Bash [beta] to address Shellshock - Is anyone using it?

Discussion in 'CloudLinux' started by mtindor, Oct 1, 2014.

  1. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Those who use CloudLinux likely are aware that CL released an updated [beta] version of Bash which apparently closes up the Bash vulnerability by disabling function imports via environment variables. However, there is an apparent caveat that some scripts on servers could stop working. I know that CL posted that this version of bash "should" be compatible with cPanel, but I'm wondering if anyone has actually tried out the Bash beta available from CL?

    Beta: Better fix for Shellshock bash vulnerability

    Is anybody on here using it? If so, would you care to share your thoughts regarding any breakage?

    M

    - - - Updated - - -

    I haven't seen any statement from Redhat or CentOS or cPanel regarding the ramifications of disabling bash function imports on RH/CentOS or on cPanel servers specifically, but it sure would be nice if the vendors would release some sort of statement that can give us hosting providers an idea of what we might be in for if we attempt to use bash with the function imports disabled by default.

    M
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    CloudLinux posted the following as a comment on the link you provided:

    Thank you.
     
  3. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Michael,

    Indeed I saw that. But that really doesn't answer the question at hand. "haven't fully tested" could very well mean "haven't tested at all" and it wouldn't be a lie. That's why I [and probably others] are interested in hearing from those who are already using the beta Bash on their CL/cPanel servers in a production shared hosting environment.

    Yep, I'm wanting to benefit from others experience before taking the plunge myself. Maybe that's selfish, but not everyone can be / wants to be the guinea pig.

    And, since the disabling of function imports has been widely discussed in relevant places as a method of blocking any shellshock-related exploits, vendors [RH / CentOS / other distro providers / cPanel / other hosting platform providers] should consider releasing a statement regarding the likelihood of their customers seeing breakage.

    CL is the only player [relevant to those running cPanel] who has released a version of bash that goes to this extent thus far, but it could end up being adopted by RH / CentOS as well. So it certainly wouldn't hurt to hear from vendors.

    M
     
  4. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,281
    Likes Received:
    37
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    On a couple of CloudLinux servers I have installed the bash available from the CL beta/testing repository. So far so good. I've yet to get any complaints from my clients, and I haven't spotted anything bad in the error logs that I've looked at. That doesn't mean that this version is 100% trouble free. It just means that I have not noticed any issues in the past 24 hours nor have I heard any complaints from my clients since updating to that version of bash.

    It still would be nice to get some input from others running the bash from the CL beta repository. I'm sure people are.

    m
     
  5. cmanns

    cmanns Member

    Joined:
    Nov 22, 2006
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Yeah we are using it so far with no complaints, most clients don't do much ssh functions or odd cPanel functions.

    Currently using a bunch of the beta CL repo... not many complaints except (personally) OptimumCache-
     
Loading...

Share This Page