KernelCare installed (licensed) - Security Advisor warns no symlink protection

ronaldst · Jan 11, 2019

Security Advisor
Kernel does not support the prevention of symlink ownership attacks.

Can someone please explain to me why I am getting warnings in Security Advisor about no symlink protection?

Code:

[[email protected] ~]# kcarectl --check
The latest patch is applied.
[[email protected] ~]# kcarectl --set-patch-type extra --update
'extra' patch type selected
Downloading updates
Patch level 4 applied. Effective kernel version 3.10.0-957.1.3.el7
Updates already downloaded
Kernel is safe

The warning in Security advisor dissapears once I set the extra patch type. This has been done before, and seem to be "unset" at some point.

How is that possible? Does cPanel updates etc. disable KernelCare extra patch set?

cPanelLauren · Jan 11, 2019

Hello @ronaldst

ronaldst said:
Does cPanel updates etc. disable KernelCare extra patch set?

We do not in any way modify the patch type set for this. If it's being changed or removed it's being done when KernelCare updates.

Ultimately you shouldn't need to continuously be setting the patch type. Please feel free to open a ticket with us if your kernelcare license was purchased through us so we can look into this further.

Thanks!

Thread starter	Similar threads	Forum	Replies	Date
	KernelCare installed, cannot set patch type for symlink, unknown kernel	Security	6	Oct 7, 2019
Q	Installed Kernelcare, now don't have symlink protection?	Security	7	Jan 9, 2019
A	Installed KernelCare- still get warning	Security	4	Apr 28, 2018
Z	SOLVED Security Advisor "No symlink protection detected" Message When KernelCare + Extras Is Installed	Security	2	Jan 27, 2018
L	SOLVED Security Advisor Upgrade to KernelCare Message When KernelCare Is Installed	Security	5	Apr 20, 2017

Search

Search

KernelCare installed (licensed) - Security Advisor warns no symlink protection

ronaldst

Well-Known Member

cPanelLauren

Product Owner II