Looks like a sure fire way to screw up your cPanel installation, unless you understand exactly what it does.
Well, it looks like LES secures binaries, paths, profiles, shells, and groups by setting chmod and immutable on significant things. Files/paths defined in opt.dat of the install. But I'm not so sure that these settings jive with what cpanel is expecting -- especially while running les --disable-all.
I could maybe see using this to secure binaries, but the rest scares me a bit as far as cpanel is concerned. My worry is in the disabling of LES that sets those paths,etc. to 755, when that may not have been the original permission. It's a one fell swoop type of thing that assumes a lot.
If I get time I'll look more closely, but for now I'm sticking to manually securing these items as needed. Just my $0.02
I could maybe see using this to secure binaries, but the rest scares me a bit as far as cpanel is concerned. My worry is in the disabling of LES that sets those paths,etc. to 755, when that may not have been the original permission. It's a one fell swoop type of thing that assumes a lot.
If I get time I'll look more closely, but for now I'm sticking to manually securing these items as needed. Just my $0.02
I have been running it since release with no issues. It doesn't seem to mess up anything in Cpanel.
S
Secret Agent
Guest
I'm assuming automatic cpanel updates should be off as well then correct? Anyway around this that you may know of?bman said:
