Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SOLVED Symlink Protection patchset

Discussion in 'Security' started by John Schmerold, Oct 15, 2017.

  1. John Schmerold

    John Schmerold Well-Known Member

    Joined:
    Apr 21, 2004
    Messages:
    59
    Likes Received:
    3
    Trophy Points:
    158
    Location:
    st. louis
    cPanel Access Level:
    Root Administrator
  2. Muhammed Fasal

    Muhammed Fasal Active Member

    Joined:
    Aug 9, 2017
    Messages:
    40
    Likes Received:
    3
    Trophy Points:
    8
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    You need to login to your server via SSH as root user and then execute below command to know UID and GID of Apache Process:

    ps -o euid,egid --ppid `netstat --inet --inet6 -pln|awk '/:80 / { split($7,tmp, "/"); print tmp[1]; }'`|sort |uniq|grep -v EUID
     
  3. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,677
    Likes Received:
    73
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    You can also check this via executing below command directly on your server.

    # id apache
    The output of this command would be like:
    uid=48(apache) gid=48(apache) groups=48(apache)
     
  4. John Schmerold

    John Schmerold Well-Known Member

    Joined:
    Apr 21, 2004
    Messages:
    59
    Likes Received:
    3
    Trophy Points:
    158
    Location:
    st. louis
    cPanel Access Level:
    Root Administrator
    OK, in my case it appears to be running as user "nobody" is that optimal?
    [root@cp ~]# ps -o euid,egid --ppid `netstat --inet --inet6 -pln|awk '/:80 / { split($7,tmp, "/"); print tmp[1]; }'`|sort |uniq|grep -v EUID
    99 99
    EUID EGID
    [root@cp ~]# id nobody
    uid=99(nobody) gid=99(nobody) groups=99(nobody)

    id apache does not exist
     
  5. cPWilliamL

    cPWilliamL cP Technical Analyst II
    Staff Member

    Joined:
    May 15, 2017
    Messages:
    257
    Likes Received:
    27
    Trophy Points:
    103
    Location:
    America
    cPanel Access Level:
    Root Administrator
    Hi,

    The internal Apache configuration will also denote this:
    Code:
    # grep -E ' (user|group):' /var/cpanel/conf/apache/main
      group:
          group: nobody
      user:
          user: nobody
    
    This is normal. I also wouldn't recommend trying to change the Apache user, as there are certain safeguards in place to prevent abuse by the Apache user `nobody'.

    Thanks,
     
Loading...

Share This Page