New security advisor for symlink ownership attacks

Discussion in 'Security' started by airaid, Oct 12, 2016.

  1. airaid

    airaid Member

    I'm getting a new oddly worded security advisor which references documentation but doesn't actually link to any docs. I have no idea what it's referring to so can someone point me to the docs please? The security advisor:

    Kernel does not support the prevention of symlink ownership attacks.

    You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protect beyond those solutions employed in userland. Please review the following documentation to learn how to apply this protection.

  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member


    Internal case CPANEL-9233 is open to improve the warning message when Security Advisor detects a lack of kernel support for symlink protection. The document you can reference for the symlink race condition itself is found at:

    Symlink Race Condition Protection - EasyApache - cPanel Documentation

    In addition, the following document provides information about the cPanel-provided kernel:

    How to Harden Your cPanel System's Kernel - cPanel Knowledge Base - cPanel Documentation

    I'll update this thread again once a resolution for CPANEL-9233 is published. Technical information about how this assessor looks for kernel-level symlink protection is available at:

    addon_securityadvisor/ at master · CpanelInc/addon_securityadvisor · GitHub

    Thank you.

    Update: The resolution to this issue was published to cPanel version 60, and the message is updated to look like this:

