The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How wise is the Security Advisor ?

Discussion in 'Security' started by lorio, Jun 13, 2016.

  1. lorio

    lorio Well-Known Member

    Joined:
    Feb 25, 2004
    Messages:
    243
    Likes Received:
    3
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    With the update to 56 the security advisor is starting to send emails with some hints.

    Some are confusing. E.g.

    Expected permission 331424370? Really?
    Any issues known in connection when running in a XenPV vm?

    The 0644 isn't very good either. Could it be that the permissions where changed when transferring account to this Cpanel server. Or a glitch in CentOS 6?
     
  2. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    /etc/shadow is 0200 on my centos system... it should be no higher than 0600 ever (except on distros like ubuntu with a 'shadow' group in which case 0640 may be used). World read on shadow is a pretty bad scenario, regardless of how it happened.

    As far as the error, that's something else. I haven't seen that on any xen or kvm instances before, hopefully cPanel has some ideas there.
     
  3. lorio

    lorio Well-Known Member

    Joined:
    Feb 25, 2004
    Messages:
    243
    Likes Received:
    3
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Thanks for your answer. I had set back shadow to 0200. Let's see if others are getting similar recommendations from the security advisor.
     
    quizknows likes this.
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Internal case CPANEL-6194 addresses an issue where if permissions are not 0200 or 0600 for /etc/shadow and/or 0600 for /etc/passwd, Security Advisor reports a message like this:

    Code:
     /etc/shadow has non default permissions. Expected: 463374770, Actual: 0644.
    I'll update this thread once the resolution is included with a public build of cPanel. In the meantime, you could follow the instructions on the Security Advisor GitHub repository if you want the latest changes before they are included with a published build of cPanel:

    GitHub - CpanelInc/addon_securityadvisor: Security Advisor for cPanel 11.40 and later (canonical upstream repo)

    The resolution is documented at:

    Corrected missprint of expected value for file permissions · CpanelInc/addon_securityadvisor@a227c66 · GitHub

    Thank you.
     
    quizknows likes this.
Loading...

Share This Page