polkit on CentOS 7 and CVE-2021-3560

vapetrov

Member
May 24, 2002
19
1
303
hello,

Current polkitd on CentOS 7 have serious vulnerability. Please see CVE-2021-3560.

In default CPanel installation pokitd running by default.

Is it necessary for CPanel/WHM working? What happened if I disable this polkitd?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,981
921
313
cPanel Access Level
Root Administrator
Hey there! While this does run on CentOS 7 machines, it's not related to the functions of cPanel at all but to the OS itself. You can find an overview of what that tool does here:


I wouldn't recommend disabling it. RedHat has a patch at this time, although I didn't see one for CentOS just yet when I checked.