I have recently moved our non-cPanel website to a cPanel on Litespeed shared-host service.
We had several Mailman lists on the previous site. I managed to set these up on the new site and transfer the subscribers. But the sys admins have been unable to include our old archives in the new archives. Other than across the board failure to capture the old emails, there has been considerable variation among the list. Some lists created empty archives when directed to do so, and are now storing new emails. Some other lists have failed to set up archives, one giving a 403 error, the other a 404 error.
When I contacted the support desk for this service (after providing detail instructions on the mailman commands to run inorder to set up the archives), I got the following explanation
" There has been recent use of a type of exploit where using symbolic links could allow someone to read other files. As a result operating systems and web servers implemented a new feature to only follow symbolic links if the owners match. The problem being right now cPanel the owners are not matching causing this issue. We just cannot turn off this feature so we simply have no way around it."
That seems to transfer the responsibility for dealing with this problem to cPanel.
So, I'd like to know if this business with symbolic links has been reported as an issue, does it make sense as something that cPanel needs to address, and if so, is there any progress and expected date of resolution?
Thanks, Tara
We had several Mailman lists on the previous site. I managed to set these up on the new site and transfer the subscribers. But the sys admins have been unable to include our old archives in the new archives. Other than across the board failure to capture the old emails, there has been considerable variation among the list. Some lists created empty archives when directed to do so, and are now storing new emails. Some other lists have failed to set up archives, one giving a 403 error, the other a 404 error.
When I contacted the support desk for this service (after providing detail instructions on the mailman commands to run inorder to set up the archives), I got the following explanation
" There has been recent use of a type of exploit where using symbolic links could allow someone to read other files. As a result operating systems and web servers implemented a new feature to only follow symbolic links if the owners match. The problem being right now cPanel the owners are not matching causing this issue. We just cannot turn off this feature so we simply have no way around it."
That seems to transfer the responsibility for dealing with this problem to cPanel.
So, I'd like to know if this business with symbolic links has been reported as an issue, does it make sense as something that cPanel needs to address, and if so, is there any progress and expected date of resolution?
Thanks, Tara
