The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to protect from perl scripts?

Discussion in 'General Discussion' started by gvard, Nov 22, 2005.

  1. gvard

    gvard Well-Known Member
    PartnerNOC

    Joined:
    Dec 22, 2003
    Messages:
    195
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Athens/GREECE
    cPanel Access Level:
    DataCenter Provider
    Greetings from Greece,

    I've been watching the forum for over a year now and I've:

    1) mounted /tmp with no executable rights
    2) chmoded wget to 700

    Of course I've added many other security measures (hired a technician, APF, etc).

    My question is the following: I saw last night a script which was run as "perl script.txt", which executed some code (which didn't have any success).


    How do we prevent users from running exploits via "perl -exploit-" command? Is there any way to disable the command "perl" for user "nobody" in the /tmp and /dev/shm folders?
     
  2. dropby23

    dropby23 Well-Known Member

    Joined:
    Jan 16, 2005
    Messages:
    155
    Likes Received:
    0
    Trophy Points:
    16
    you should use a kernel based solution like gr-security or search more about posix acl's
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Generally speaking, though, there's little that you can realistically do as most measures are easily bypassed - such are the risks with shared web hosting. Your best efforts are probably to make sure that you don't have vulnerable scripts installed on the server (in particular php scripts since you're talking about them running under the nobody account) and installing mod_Security and using a good set of filters.
     
Loading...

Share This Page