The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

"security guarantee"

Discussion in 'Security' started by Lem0nHead, Jun 13, 2004.

  1. Lem0nHead

    Lem0nHead Well-Known Member

    Joined:
    Sep 2, 2003
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    6
    don't you think it would be a good idea if cPanel offers like $500 for people who can find and report to them dangerous (defined by them) vulnerabilities on cPanel ("vulnerabilities on cPanel" are something like "if we had the same softwares running on another control panel, that wouldn't happen" - examples are the password change and suexec things)?

    that's not only to make people start to find bugs and vulns, but to, instead to run posting them on bugtraq, they would contact cPanel first to get the money (after cPanel fix the issue) and this way the servers of everybody running cPanel would be more safe...
     
  2. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    It would be like asking MS to give money for pointing out exploits in their systems. Being that it is a web interface that is directly connected to the Internet in 99% of its instances I think it would be a horrible idea. It is next to impossible for coders to keep up with the malicious activities of the masses. Cpanel does a great job at trying to keep up and keep things patched. More than 90% of the hacks you see here aren't caused by Cpanel, they are caused by admins not closing holes in their *nix configurations.
     
  3. Lem0nHead

    Lem0nHead Well-Known Member

    Joined:
    Sep 2, 2003
    Messages:
    69
    Likes Received:
    0
    Trophy Points:
    6
    i still think 10% is a high percentage ;)

    i keep my server patched, always updating things, grsecurity patch, noexec tmp etc etc etc and i'd be very pissed off if my server got hacked because a cpanel vuln
    i know cpanel has a bunch of files and so it's probably to have security problems, but there aren't many files that can run with root or other users privileges, so those are the only ones that they should REALLY care
     
Loading...

Share This Page