How to disable Perl for all users?

konrath

Well-Known Member
May 3, 2005
366
1
166
Brasil
Hello

I want disable perl for all users. How to ? :confused:

Hackers are using perl files to change the index page of all
sites on the server.

If I put 750 permission to /user/bin/perl the WHM, CPANEL and WEBMAI stop
working.

I want no more keep PERL to my users. Perl is very insecure !!!!

Thank you
Konrath
 

konrath

Well-Known Member
May 3, 2005
366
1
166
Brasil
Hello

The AddHandler cgi-script .cgi .pl was removed from httpd but scripts in perl still working.

Another sugestion?

Thank you
Konrath
 

agressor

Active Member
May 15, 2005
34
0
156
if you remove from httpd.conf that line, hackers can add in .htaccess lines for execute cgi files with diferent extention like

AddHandler cgi-script .txt

and must be carfefull with allowoverirde because this can stop of work sites what use htaccess.


i create a thread there: http://forums.cpanel.net/f5/how-can-disable-cgi-bin-131657.html

but as u can see... the reply from tech.. is not satistactory. and the security problem still


Edit by cPanel staff:

the fix for me (for now) is: chmod -c 744 /usr/local/bin/perl
This will break cPanel. The permissions of the Perl binary file need to be left as 755 in order for cPanel to work. Changing the permissions of the Perl binary is not a valid way to secure your cPanel server.



cherss

Francisco.-
 
Last edited by a moderator:

JaredR.

Well-Known Member
Feb 25, 2010
1,834
27
143
Houston, TX
cPanel Access Level
Root Administrator
This will break cPanel

the fix for me (for now) is: chmod -c 744 /usr/local/bin/perl
This will break cPanel. Most cPanel functions run as the account user, and if the Perl binary file is not executable by anybody, errors will occur in cPanel. The permissions on the Perl binary file need to be left as 755 on a cPanel server.
 

Stefan

Member
Jul 24, 2003
6
0
151
cPanel Access Level
DataCenter Provider
Hello,

Do you have any update about this issue.
I have tried also to disable cgi from whm for an user , but it is still working.
On httpd.conf for that site i have :
"
Options -ExecCGI -Includes
RemoveHandler cgi-script .cgi .pl .plx .ppl .perl
"
but not result.

I need also an solution that cant be overwritten by an user from htaccess.

Thank you

Stefan
 

cPDan

cPanel Staff
Staff member
Mar 9, 2004
724
15
243
I'd start by revisiting the premise that “Perl is very insecure !!!!”:
1. You can do the same thing w/ a shell, php, ruby, python, etc etc.
2. They are probably leveraging a PHP exploit to, ultimately, execute arbitrary commands (that happen to be executing the perl binary in the case that prompted the question)

The real solution here is to harden PHP (how Apache runs it, what its allowed to do, etc) and make sure your users always update their PHP scripts.

Similar to my note here: http://forums.cpanel.net/f185/how-prevent-running-binary-files-178881.html#post1228062
 
  • Like
Reactions: postcd