The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Safe to change ownership of files in /usr/local/cpanel? (Why w allowed for anyone?)

Discussion in 'Security' started by olephant, Mar 15, 2013.

  1. olephant

    olephant Registered

    Joined:
    Mar 15, 2013
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    My root admin skills are pretty basic, but I was wondering why the ownership of these files (or files such as these) allows write permissions to anyone:


    File '/usr/local/cpanel/3rdparty/php/53/lib/pear/HTML_Template_IT.xml' is owned by root and has written permissions to anyone.
    File '/usr/local/cpanel/3rdparty/php/53/lib/pear/HTTP_Request.xml' is owned by root and has written permissions to anyone.
    '/usr/local/cpanel/3rdparty/php/53/lib/pear/Date.xml' same thing...
    /usr/local/cpanel/3rdparty/php/53/lib/pear/HTTP.xml

    This was reported by Rootcheck (OSSEC), and yeah that seems to be the case. I have no idea what the files are. RW permissions for anyone... Problem?
    Should I ever hesitate to change permissions of files within these directories (in order to restrict to root user)?

    Feel free to tip me off if this question should be put to my host instead.
    Figured that if it had anything to do with how Cpanel works, it might be useful to ask here...

    I've already removed write permissions as I reckoned it would be ok.
     
Loading...

Share This Page