The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent mysql drop to shell?

Discussion in 'Security' started by rhm.geerts, Feb 13, 2014.

  1. rhm.geerts

    rhm.geerts Active Member

    Joined:
    Jul 29, 2008
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
    Suppose I need to change my mysql tmp directory from /tmp to /mysqltmp because it's filling up my secured /tmp directory (which is 4 GB).

    Isn't this causing a security issue, when a user drops to shell?
    So can yo explain what is to prevent a user from escaping to a MySQL Shell prompt (which can be easily done), and be able to list all of our customers backups?
    Do I have do certain things to prevent this?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you provide an example of the exact commands you are running with shell access for a user that concerns you? The results should help give us a better understanding of the exact scenario you are describing.

    Thank you.
     
  3. rhm.geerts

    rhm.geerts Active Member

    Joined:
    Jul 29, 2008
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    A user should not have access to the alternate temporary directory configured with MySQL. Feel free to let us know of a specific method to reproduce this issue so we can test further.

    Thank you.
     
  5. rhm.geerts

    rhm.geerts Active Member

    Joined:
    Jul 29, 2008
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
    In that case I think there is no problem.
    I read that question from the other user and thought there might be an problem and just would like to know if he had a point,
    But then again... if there was an issue, it probably would also be present in the normal /tmp folder, because both are set 1777.

    Thank you for the quick reply's, we can consider this thread solved.
     
Loading...

Share This Page