Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

/etc/trueuserowners readable by cPanel users?

Discussion in 'Security' started by Sujoy Dhar, Jun 28, 2018.

  1. Sujoy Dhar

    Sujoy Dhar Active Member

    Joined:
    Jul 24, 2016
    Messages:
    31
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    Today one of my Cpanel user reported me that he is getting all the usernames of the server and the location of the file is here : .cpanel/caches/config/

    File :

    _etc_trueuserowners___ ........

    Now I have checked on the other cpanels and it is really strange that it is always creating on the new cpanel as well as old.

    So how to close this and also delete these files from the server?

    As I do afraid that if anyone uses Brute Force he can be logged into the several accounts if the server owner is using the same password for the cpanels.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,350
    Likes Received:
    404
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Do you have any more details on how this can be duplicated?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,749
    Likes Received:
    1,886
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Sujoy Dhar,

    This topic was brought recently as part of internal case CPANEL-21379. It was determined that it's currently by design for the /home/$username/.cpanel/caches/config/etc_trueuserowners__$ file to exist under individual accounts. The /etc/trueuserowners file is read by individual cPanel users as part of functionality used to determine which data is displayed, and whether the account is the owner of a specific domain name. Multiple cPanel features rely on this functionality (e.g. Track Delivery, Branding).

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...
Similar Threads - trueuserowners readable cPanel
  1. ubuntu2018
    Replies:
    6
    Views:
    218

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice