The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Permissions changing

Discussion in 'General Discussion' started by cem, May 25, 2006.

  1. cem

    cem Member

    Joined:
    Feb 8, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    We are working on a script which has a feature to automatically create an email on the server. However to do this the script has to edit files on the server which are controlled by cPanel. The files that are controlled and should be edited are located in /home/user/etc/site.com

    We have to change permissions of this directory (/home/user/etc/site.com) to be able to edit the files, however everytime we change the permission from 755 to 777 cPanel changes is back to its original a day later.

    Can anyone confirm that cPanel is changing the permission? if so..
    Does anyone know which cPanel file is doing this permission change?
    Would it be against cPanel's policy to change this, so it will stop doing it?


    Thank you in advance for any help.

    Kind regards,

    Cem
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I presume this isn't in a shared hosting environment then as chmod 777 that directory will basically allow any user access to the other users accounts without restriction.

    It's probably being set by /scripts/mailperm or /scripts/upcp itself.
     
  3. cem

    cem Member

    Joined:
    Feb 8, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    do you mean they will have access to everyones account if they have shell access? or also with ftp access?
    will they have access only to /home/$user/etc/$site.com ?

    thank you for the reply btw :)
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    They won't have access via FTP as that uses a chroot mechansims to stay within their site, but if they have shell access they'll be able to navigate into /home/$user/etc/$site.com, they'll also be able to do that using a perl CGI script too. You can restrict php somewhat to stay within a directory tree, but as has been shown recently, that restriction seems quite vulnerable.
     
Loading...

Share This Page