The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHPSUEXEC and attack issues...

Discussion in 'General Discussion' started by jozeph, Sep 29, 2005.

  1. jozeph

    jozeph Well-Known Member

    Joined:
    Apr 16, 2004
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I came across myself with a problem...
    Using phpsuexec disabled, know problems is visible, as users reading other owned php files, etc. But, you can disabled resource as not allow users to change safe_mode even using php_admin_value or php_flag.

    With phpsuexec enable, many this permissions problems is solved, but others appear! :/

    With phpsuexec and a php.ini on directory of php file you can disable safe_mode again and read /etc/passwd files for example.

    I want to you how I can enable permanently safe_mode and how I can use SUEXEC and PHPSUEXEC with CHROOT, using jailshell for example. So I will do not have hack issues on machine.
     
  2. DigiCrime

    DigiCrime Well-Known Member

    Joined:
    Nov 27, 2002
    Messages:
    399
    Likes Received:
    0
    Trophy Points:
    16
    Can you tell me how you can disable phpsuexec? Far as I know it cant be disabled by a user
     
Loading...
Similar Threads - PHPSUEXEC attack issues
  1. ApparentMedia
    Replies:
    1
    Views:
    425
  2. sahostking
    Replies:
    5
    Views:
    31,383

Share This Page