
New security advisor for symlink ownership attacks

Discussion in 'Security' started by airaid, Oct 12, 2016.

  1. airaid

    airaid Member

    cPanel Access Level: Root Administrator

    I'm getting a new oddly worded security advisor which references documentation but doesn't actually link to any docs. I have no idea what it's referring to so can someone point me to the docs please? The security advisor:

    Kernel does not support the prevention of symlink ownership attacks.

    You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protect beyond those solutions employed in userland. Please review the following documentation to learn how to apply this protection.

  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    cPanel Access Level: Root Administrator

    Internal case CPANEL-9233 is open to improve the warning message when Security Advisor detects a lack of kernel support for symlink protection. The document you can reference for the symlink race condition itself is found at:

    Symlink Race Condition Protection - EasyApache - cPanel Documentation

    In addition, the following document provides information about the cPanel-provided kernel:

    How to Harden Your cPanel System's Kernel - cPanel Knowledge Base - cPanel Documentation

    I'll update this thread again once a resolution for CPANEL-9233 is published. Technical information about how this assessor looks for kernel-level symlink protection is available at:

    addon_securityadvisor/ at master · CpanelInc/addon_securityadvisor · GitHub

    Thank you.
