The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cPanel virtfs vs. Jailed Shell (Bug?)

Discussion in 'Security' started by tuxinside, Jan 25, 2013.

  1. tuxinside

    tuxinside Registered

    Joined:
    Jan 25, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi all,

    In the last few days I noticed one of my servers, the Virtual File System used by cPanel was activated for some of my clients.

    Given that, and by the rule, never give SSH access to customers, i went to WHM in order to verify that I had cheated in some configuration option.

    All configuration and settings were perfectly correct.

    Then I checked on the "Manage Shell Access", if was activated by distracting both "Normal Shell" or "Jailed Shell," for Customers in question.

    No, all clients of this server were set to "Disabled Shell."

    Well, given all the initial screening did that, i evaluate the problem further.

    1- I tested SSH access with a user who was set to "Disabled Shell."
    I managed to access the server and "/home/virtfs" was automatically created with the user's homedir, a virtual copy of the system was set up for that user and the file "/proc/mounts" was writen with /home/virtfs/user dir mounted.

    2 - This way, I could prove that cPanel doesn't preserve the settings and configurations that i applied.

    3 - So, the SSH access settings, or what kind of Shell has a specific user in the system are stored in "/etc/passwd", I edited this file and found the following:
    foo:x:501:501::/home2/foo:/usr/local/cpanel/bin/noshell​

    3 - In particular, it drew attention to me a lot: "/usr/local/cpanel/bin/noshell"

    4 - Because most of my servers are with Debian, the syntax used here, is not the standard way.

    5 - Well, the resolution to this, was to replace:
    /usr/local/cpanel/bin/noshell​
    BY​

    /sbin/nologin​

    I tested again with an SSH connection with the same user and the result was expected, could not logges in with SSH.
    I tested access via cPanel and FTP, with this user and the connection was made without problems.

    Conclusion:
    I think the "noshell"developed by cPanel to implement the "Jailed Shell", is not working properly, or has a giant bug, which for the most inattentive user, can even be a serious security issue and endanger the server.

    Greetings.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    194
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The noshell feature we provide allows users to upload files using SFTP. What you are seeing is "by design."
     
Loading...

Share This Page