it is safe to chmod this file ??

kuwaitnt

Well-Known Member
Oct 13, 2003
75
0
156
hello please i want get help


it is safe to chmod this files

/bin to 750
/sbin to 710
/usr/bin/perl 750


and if i change the permissions are there any thing will faile


i need to do this to fix cgitelnet.pl issue

many time i see some one try to hacking my server with this tool

i have search there are no fix by change file and folder perm.



thanks
 

kuwaitnt

Well-Known Member
Oct 13, 2003
75
0
156
/usr/bin/perl 750 when i do it cpanel show internal server error i back it to 755

but are there any one can help and say it is safe or not

i dosn't mean the cgitelnet scripts i mean system file or scipts does it work ??

i make this perm. to not let perl or php scripts to use shell command
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,221
4
193
Minneapolis, MN
kuwaitnt said:
/bin to 750
/sbin to 710
/usr/bin/perl 750

and if i change the permissions are there any thing will faile

i need to do this to fix cgitelnet.pl issue

many time i see some one try to hacking my server with this tool
Changing the permission on these files is not the best way to stop hackers from accessing your server. Your best option is to secure your server.
 

kuwaitnt

Well-Known Member
Oct 13, 2003
75
0
156
:) it is secure but iam suffer from perl only

if you have any help about secure the perl i will be fine from hackers


iam secure every thing only perl i cant stop it because cpanel is run on perl so i can't deal very will with it :(


thanks for replay
 

dave9000

Well-Known Member
Apr 7, 2003
891
1
168
arkansas
cPanel Access Level
Root Administrator
Instead of trying to fix the symptoms why not fix the cause ?

How is the cgitelnet.pl getting loaded onto the server ?

then block access for them to upload it
 

kuwaitnt

Well-Known Member
Oct 13, 2003
75
0
156
some of our client use old upload scripts

i have suspend this hosting but how can i insure there are my clients can't use old insecure upload scripts so that i should disable perl to run shell command
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
You cannot prevent perl from running shell commands without breaking your OS, unless you setup some kind of chroot environment for apache, which you can't do on a cPanel server.

As dave9000 said, you have to stop your users using them. That's where your hosting AUP comes in and if you find such a script you suspend their account - there's little else you can do.