The Community Forums

Interact with an entire community of cPanel & WHM users!

Permission to read?

Discussion in 'Security' started by NemoXP, Sep 9, 2012.

  1. NemoXP

    NemoXP Active Member

    Joined:
    Feb 25, 2010
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Constanta, Romania, Romania
    cPanel Access Level:
    Root Administrator
    Hello.
    How can this be possible? /http://pastebin.com/eNsaskfs

    Quotes from php file:

    @$passwd = fopen('/etc/passwd','r');
    ...
    $dirz = '/home/'.$username.'/public_html/';
    if (($username != ''))
    {
    if (is_readable($dirz))
    ...
    Then it reads files and tries a "ftp_check($username,$pass);" based on some config files found...

    Please, tell me how it is possible for a normal cpanel user to read files from another cpanel user?!

    I believe this is a very important security problem.
     
  2. tecsys

    tecsys Member

    Joined:
    Sep 9, 2012
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nashik.India
    cPanel Access Level:
    Root Administrator
    If /home/user has 711 permissions, access can be restricted a bit. Is this code from a phpshell?
     
  3. NemoXP

    NemoXP Active Member

    Joined:
    Feb 25, 2010
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Constanta, Romania, Romania
    cPanel Access Level:
    Root Administrator
    All users have 711. The code is from my server (which not very long ago was hacked through a buggy WordPress theme, and that script).
     
  4. borgia

    borgia Member

    Joined:
    Jun 27, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I don't think it is possible (it depends on what security you have deployed, and of course on checking every file that is uploaded to your server). Can you post the code to check? Anyway, if you limit where the PHP script can go (just to /home/user and /tmp), that script can't do what you are saying it did.

    P.S Sorry for my bad English.

    Regards,
    George B.
     
  5. stevensen2

    stevensen2 Registered

    Joined:
    Aug 25, 2012
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    I don't think it is possible.
     
  6. Eric

    Eric Administrator
    Staff Member

    Joined:
    Nov 25, 2007
    Messages:
    745
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Howdy,

    This didn't work for me. I'd have to set /home to some risky perms for it to work.

    Thanks!
     
  7. NemoXP

    NemoXP Active Member

    Joined:
    Feb 25, 2010
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Constanta, Romania, Romania
    cPanel Access Level:
    Root Administrator
    @borgia: What security measures to take?
    @Eric: tell me please what permissions are set to /home (in your case). I have 755 (user root, group root)
     
  8. Eric

    Eric Administrator
    Staff Member

    Joined:
    Nov 25, 2007
    Messages:
    745
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    Howdy,

    I have:

    Code:
    grimlock ~ # stat /home/
      File: `/home/'
      Size: 135168    	Blocks: 272        IO Block: 4096   directory
    Device: 811h/2065d	Inode: 2           Links: 37
    Access: (0711/drwx--x--x)  Uid: (    0/    root)   Gid: (    0/    root)
    Access: 2012-09-10 07:59:07.979625236 -0500
    Modify: 2012-09-10 00:36:11.985048978 -0500
    Change: 2012-09-10 00:36:11.985048978 -0500
    
    Thanks!
     
  9. NemoXP

    NemoXP Active Member

    Joined:
    Feb 25, 2010
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Constanta, Romania, Romania
    cPanel Access Level:
    Root Administrator
    It still works with 711.
    Can you please tell me the permissions of other folders in /home?
    Something like /home/user/public_html.
    Please tell me the permissions, user and group for /home/user and public_html.
     
  10. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    0711 permissions don't prevent access, they prevent discovery (i.e. users cannot ls -lah on /home or subdirectories that they don't have user or group access to).

    Likely the public_html directories have 0755 permissions. You might be able to change to 0750, but without knowing all your needs and wants related to your server I cannot advocate you make that change.

    After directory permissions, the permissions of the file(s) are also important. 0644 perms are wide open for access. 0640 is better. 0600 is best.

    We highly recommend using Apache handlers that allow you to restrict and remove permissions on web content. For example FastCGI and suPHP.
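    The points in this post (0711 on /home and the account directory only blocks listing, 0755 on public_html and 0644 on files leave them readable to every local user, 0750/0640/0600 close that) can be checked directly on a server. The script below is an added example, not code from the thread or from cPanel: it walks a home tree and lists every directory and file whose mode grants read access to "other", which is exactly what a script running under a different account needs in order to open /home/user/public_html/<config file>. The account names alice and bob, the wp-config.php contents and the temp-dir layout are constructed for the demo; the audit function itself takes any base path, and is meant to be run as root so that the owner/group bits do not mask the result.

```shell
#!/bin/sh
# Added example, not code from the thread: audit a cPanel-style /home tree
# for entries that "other" users can read, applying the post's points that
# 0711 on /home and the account directory only blocks listing, while 0755 on
# public_html and 0644 on files let any local user read them.
# Account names, paths and file contents below are constructed for the demo.

# List every directory and regular file under $1 whose mode has the
# "other read" bit set (-perm -004 works with both GNU and BSD find).
# A directory with o+r can be listed by any local user; a file with o+r can
# be read by any local user able to traverse the path to it (0711 allows that).
audit_world_readable() {
    find "$1" \( -type d -o -type f \) -perm -004 2>/dev/null | sort
}

# Suggest the tightened mode from the post for a world-readable path:
# 0750 for directories, 0640 for files (0600 when no group access is needed).
suggest_mode() {
    if [ -d "$1" ]; then
        echo 750
    else
        echo 640
    fi
}

# Build a constructed two-account tree under $1 so the audit runs offline.
# "alice" keeps the common defaults; "bob" has the hardened modes.
make_demo_tree() {
    root="$1"
    mkdir -p "$root/home/alice/public_html" "$root/home/bob/public_html"
    echo "define('DB_PASSWORD', 'constructed-example');" > "$root/home/alice/public_html/wp-config.php"
    echo "define('DB_PASSWORD', 'constructed-example');" > "$root/home/bob/public_html/wp-config.php"
    chmod 0711 "$root/home" "$root/home/alice" "$root/home/bob"
    chmod 0755 "$root/home/alice/public_html"                # others may list and traverse
    chmod 0644 "$root/home/alice/public_html/wp-config.php"  # others may read the file
    chmod 0750 "$root/home/bob/public_html"                  # others stopped at the directory
    chmod 0600 "$root/home/bob/public_html/wp-config.php"    # owner only
}

# Stand-alone run: build the demo tree in a temp dir, audit it, print findings.
# Only alice's public_html and its wp-config.php are reported; bob's are not.
demo_root=$(mktemp -d)
make_demo_tree "$demo_root"
audit_world_readable "$demo_root/home" | while read -r p; do
    printf '%s -> suggest chmod %s\n' "$p" "$(suggest_mode "$p")"
done
rm -rf "$demo_root"
```

On a real server, run `audit_world_readable /home` as root and compare the output against what each site actually needs; files can only be tightened to 0600 when PHP runs as the account owner, which is what suPHP and FastCGI-based handlers mentioned in the post provide, so a mode change on a server still using the mod_php handler should be tested on one account first.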
     