Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Permissions changing

Discussion in 'General Discussion' started by cem, May 25, 2006.

  1. cem

    cem Member

    Joined:
    Feb 8, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    151
    Hello,

    We are working on a script which has a feature to automatically create an email on the server. However to do this the script has to edit files on the server which are controlled by cPanel. The files that are controlled and should be edited are located in /home/user/etc/site.com

    We have to change permissions of this directory (/home/user/etc/site.com) to be able to edit the files, however everytime we change the permission from 755 to 777 cPanel changes is back to its original a day later.

    Can anyone confirm that cPanel is changing the permission? if so..
    Does anyone know which cPanel file is doing this permission change?
    Would it be against cPanel's policy to change this, so it will stop doing it?


    Thank you in advance for any help.

    Kind regards,

    Cem
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    I presume this isn't in a shared hosting environment then as chmod 777 that directory will basically allow any user access to the other users accounts without restriction.

    It's probably being set by /scripts/mailperm or /scripts/upcp itself.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cem

    cem Member

    Joined:
    Feb 8, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    151
    do you mean they will have access to everyones account if they have shell access? or also with ftp access?
    will they have access only to /home/$user/etc/$site.com ?

    thank you for the reply btw :)
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    They won't have access via FTP as that uses a chroot mechansims to stay within their site, but if they have shell access they'll be able to navigate into /home/$user/etc/$site.com, they'll also be able to do that using a perl CGI script too. You can restrict php somewhat to stay within a directory tree, but as has been shown recently, that restriction seems quite vulnerable.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice