Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Symlink Race Protection - EA4

Discussion in 'EasyApache' started by hicom, Sep 30, 2016.

  1. hicom

    hicom Well-Known Member

    Joined:
    May 23, 2003
    Messages:
    282
    Likes Received:
    2
    Trophy Points:
    168
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    That document is intended for EasyApache 3. Information about symlink race protection with EasyApache 4 is found at:

    EasyApache4 symlink race protection

    It's not just Mod_Ruid2, but the combination of Mod_Ruid2 with the "EXPERIMENTAL: Jailshell Virtual Hosts using mod_ruid2 and cPanel jailshell in WHM's Tweak Settings interface" option that adds the protection.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Spork Schivago

    Spork Schivago Well-Known Member

    Joined:
    Jan 21, 2016
    Messages:
    597
    Likes Received:
    63
    Trophy Points:
    28
    Location:
    corning, ny
    cPanel Access Level:
    Root Administrator
    Sorry to butt in and hijack this thread a bit, but I just want to make sure I understand what you're saying cPanelMichael. You're saying if I'm running EasyApache4 and have Mod_Ruid2 enabled and the cPanel "EXPERIMENTAL: Jailshell Virtual Hosts" enabled under the Tweak Settings, I have symlink race protection? Thanks.
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Yes, that's considered a filesystem solution and offers protection:

    Symlink Race Condition Protection - EasyApache - cPanel Documentation

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Spork Schivago likes this.
  5. Spork Schivago

    Spork Schivago Well-Known Member

    Joined:
    Jan 21, 2016
    Messages:
    597
    Likes Received:
    63
    Trophy Points:
    28
    Location:
    corning, ny
    cPanel Access Level:
    Root Administrator
    Thanks. I wanted a little more clarification. If I'm using ModSecurity2, I cannot enable the Apache Mod_RUID2 module, correct? Because ModSecurity2 has the DBM issues when Mod_RUID2 is enabled, right? ModSecurity3 (which should be coming out in the very near future (I believe) has this issue fixed...it'd be nice to have Mod_RUID2 and ModSecurity enabled again.

    Right now, if I have to choose between the two, I think the ModSecurity might be more beneficial than the Mod_RUID2. Thanks.
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,442
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Installing Mod_Security and Mod_Ruid2 together is no longer blocked in EasyApache 4, but you are correct in stating there are existing DBM issues with Mod_Security when using Mod_Ruid2. The following thread offers a user-submitted workaround you could try:

    ModSecurity - SecDataDir

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Spork Schivago likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice