
Problem with CGI Telnet

Discussion in 'Security' started by DMG765, Mar 5, 2014.

  1. DMG765

    DMG765 Registered

    Hi,

    One of our customers uploaded a file (CGI Telnet), and can go to the following places:

    cd /
    ls /
    ls /scripts
    ls /root
    and many other places on the server.

    How can I prevent the user?

    Is this normal, or is it a security problem?

    I found this problem on many Linux servers... What can I do about it?

    Regards.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Hello :)

    Does the user actually have access to any sensitive data, or is it limited in the same way that jailed shell access is limited (e.g. access to /root/.my.cnf is actually denied)?

    Thank you.
     
  3. quizknows

    quizknows Well-Known Member

    The root directory, /, is always world readable. This is normal.
     
  4. DMG765

    DMG765 Registered

    May I ask why I can run this command and see everything under BIN?

    ls /bin
     
  5. hamed23100

    hamed23100 Member

    Hi,

    I have the same problem. I also see that the user can see the content of the following file:
    cat /etc/passwd

    I asked the Liquidweb management team about this for a server I have there, and they answered as follows. I am sure they do their best, but I want to make sure whether the server is secure in such a case or whether it is a security issue:

    /bin contains the files that are needed for a customer to run commands such as ls, cat, vim, tar, etc. Each of those is actually a small program that is stored in the /bin directory. If a user did not have read and execute permissions on the /bin directory, they would not be able to execute Linux commands. It would be a security issue if a user were able to write to the /bin directory and change the files there, but as I demonstrated in the previous reply that is not possible.

    I am not able to access the new link you provided; it times out for me. However, users often require read access to /etc as well, as many configuration files reside there. Again, the user with the shell does not have write access to /etc. /etc/passwd does not have particularly sensitive information, just the names and ID numbers of users on the server. There are no actual passwords stored there; those are in /etc/shadow, which I have confirmed that this user does not have access to.
     
  6. quizknows

    quizknows Well-Known Member

    That is all correct.
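
A check an administrator could run to confirm what the replies above describe: listing /, /bin and /etc/passwd is expected, while /etc/shadow and /root/.my.cnf must not be readable and /bin and /etc must not be writable by an ordinary account. This is an added example, not part of any post in the thread; the function names, the AUDIT_ROOT prefix and the mode-bit-only model (no group membership, ACLs or jailed shell) are assumptions.

```shell
#!/bin/sh
# Added example: audit by mode bits what the "other" permission class can reach.
# AUDIT_ROOT is a hypothetical prefix for auditing a constructed or mounted tree;
# leave it empty to audit the live filesystem.
AUDIT_ROOT=${AUDIT_ROOT:-}
SENSITIVE_FILES=${SENSITIVE_FILES:-"/etc/shadow /root/.my.cnf"}  # must not be readable
SYSTEM_DIRS=${SYSTEM_DIRS:-"/bin /etc"}                          # must not be writable

# has_other_bit PATH BIT: true if PATH carries that "other" bit (4=r, 2=w, 1=x).
# -H follows a symlinked operand (e.g. /bin -> usr/bin) instead of testing the link.
has_other_bit() {
    [ -n "$(find -H "$1" -prune -perm "-000$2" -print 2>/dev/null)" ]
}

# other_can ABS_PATH BIT: true only if the bit is set on the path AND every
# ancestor directory is searchable (o+x); one closed parent blocks access.
other_can() {
    p=$1
    case $p in /*) ;; *) return 2 ;; esac   # absolute paths only
    has_other_bit "$AUDIT_ROOT$p" "$2" || return 1
    while [ "$p" != "/" ]; do
        p=$(dirname "$p")
        has_other_bit "$AUDIT_ROOT$p" 1 || return 1
    done
    return 0
}

# audit: print one line per finding; the return status is the number of findings.
audit() {
    findings=0
    for f in $SENSITIVE_FILES; do
        if other_can "$f" 4; then
            echo "FAIL other can read $f"; findings=$((findings + 1))
        fi
    done
    for d in $SYSTEM_DIRS; do
        if other_can "$d" 2; then
            echo "FAIL other can write $d"; findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Run against the live filesystem only when asked: sh audit.sh --run
if [ "${1:-}" = "--run" ]; then audit; fi
```

A file such as /root/.my.cnf can have mode 644 and still be unreachable when /root itself is not searchable by others, which is why the ancestor walk matters.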
     