is correct users with jailshell can open /etc/passwd ??

000

Well-Known Member
Jun 3, 2008
427
18
68
in my server CentOs 7 we have some users with

jailshell

when they run the command
Code:
cat /etc/passwd
they can see ALL users and the complet file.

that is normal in LINUX ?

how I can avoid that?
 

GOT

Get Proactive!
PartnerNOC
Apr 8, 2003
1,758
313
363
Chesapeake, VA
cPanel Access Level
DataCenter Provider
Yes this is normal, and password hashes are not kept in this file.

If you want to be able to block that out, the I would suggest CloudLinux with CageFS.
 
  • Like
Reactions: cPJustinD

000

Well-Known Member
Jun 3, 2008
427
18
68
Yes this is normal
oh...

because we are VERY newbie for us are a sorpraise know that.

... in what cases some user (with jailshell) require open this file?

(this sound as a BUG in Linux; for what a user with jailshell require open this ¿? ...)
 

cPJustinD

Administrator
Staff member
Jan 12, 2021
285
45
103
Houston
cPanel Access Level
Root Administrator
Hello! This is an expected functionality as the cPanel user's interface requires access to /etc to pull necessary account information for the UI. The users shouldn't be able to see other users added by the system, however.

Additionally, as GOT mentioned, you can also convert to CloudLinux with CageFS to mitigate the issue if you'd like to avoid it altogether.

I hope that this helps. If you have any other questions or concerns, please let us know!