The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

shell users can access cpanel.

Discussion in 'General Discussion' started by ike, Nov 10, 2007.

  1. ike

    ike Well-Known Member

    Joined:
    Apr 22, 2003
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    i recently had a user tell me they could get on cpanel even though they dont have a webhosting account with me. they have a shell account they run a psybnc. but when he went to domain.com/cpanel and the login came up his shell login and password logged him into cpanel. while i checked this out and it was true. he had no settings and there were errors as he didnt have any setup to work with i was still troubled that he could get into this. Is this a normal thing and can it be exploitable and if so is there a way to stop this?
     
  2. ike

    ike Well-Known Member

    Joined:
    Apr 22, 2003
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    noone has any idea? or have i worded it wrong?
     
  3. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Joined:
    Nov 29, 2006
    Messages:
    11,279
    Likes Received:
    8
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    cPanel authenticates against system users. If you created a system user for that individual (which it sounds like you did), then they would be able to login via cPanel and experience the errors you mentioned.
     
Loading...

Share This Page