Prevent mysql drop to shell?

Discussion in 'Security' started by rhm.geerts, Feb 13, 2014.

  1. rhm.geerts

    rhm.geerts Well-Known Member

    Suppose I need to change my mysql tmp directory from /tmp to /mysqltmp because it's filling up my secured /tmp directory (which is 4 GB).

    Isn't this causing a security issue, when a user drops to shell?
    So can you explain what is to prevent a user from escaping to a MySQL shell prompt (which can be easily done), and being able to list all of our customers' backups?
    Do I have to do certain things to prevent this?
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Hello :)

    Could you provide an example of the exact commands you are running with shell access for a user that concerns you? The results should help give us a better understanding of the exact scenario you are describing.

    Thank you.
     
  3. rhm.geerts

  4. cPanelMichael

    A user should not have access to the alternate temporary directory configured with MySQL. Feel free to let us know of a specific method to reproduce this issue so we can test further.

    Thank you.
     
  5. rhm.geerts

    In that case I think there is no problem.
    I read that question from the other user and thought there might be a problem, and just would like to know if he had a point.
    But then again... if there was an issue, it probably would also be present in the normal /tmp folder, because both are set 1777.

    Thank you for the quick replies, we can consider this thread solved.
     