Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cPanel virtfs vs. Jailed Shell (Bug?)

Discussion in 'Security' started by tuxinside, Jan 25, 2013.

  1. tuxinside

    tuxinside Registered

    Joined:
    Jan 25, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi all,

    In the last few days I noticed one of my servers, the Virtual File System used by cPanel was activated for some of my clients.

    Given that, and by the rule, never give SSH access to customers, i went to WHM in order to verify that I had cheated in some configuration option.

    All configuration and settings were perfectly correct.

    Then I checked on the "Manage Shell Access", if was activated by distracting both "Normal Shell" or "Jailed Shell," for Customers in question.

    No, all clients of this server were set to "Disabled Shell."

    Well, given all the initial screening did that, i evaluate the problem further.

    1- I tested SSH access with a user who was set to "Disabled Shell."
    I managed to access the server and "/home/virtfs" was automatically created with the user's homedir, a virtual copy of the system was set up for that user and the file "/proc/mounts" was writen with /home/virtfs/user dir mounted.

    2 - This way, I could prove that cPanel doesn't preserve the settings and configurations that i applied.

    3 - So, the SSH access settings, or what kind of Shell has a specific user in the system are stored in "/etc/passwd", I edited this file and found the following:
    foo:x:501:501::/home2/foo:/usr/local/cpanel/bin/noshell​

    3 - In particular, it drew attention to me a lot: "/usr/local/cpanel/bin/noshell"

    4 - Because most of my servers are with Debian, the syntax used here, is not the standard way.

    5 - Well, the resolution to this, was to replace:
    /usr/local/cpanel/bin/noshell​
    BY​

    /sbin/nologin​

    I tested again with an SSH connection with the same user and the result was expected, could not logges in with SSH.
    I tested access via cPanel and FTP, with this user and the connection was made without problems.

    Conclusion:
    I think the "noshell"developed by cPanel to implement the "Jailed Shell", is not working properly, or has a giant bug, which for the most inattentive user, can even be a serious security issue and endanger the server.

    Greetings.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,585
    Likes Received:
    439
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,569
    Likes Received:
    45
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    The noshell feature we provide allows users to upload files using SFTP. What you are seeing is "by design."
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice