The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

update to cPanel 9.4.0 build 10 STABLE

Discussion in 'General Discussion' started by gorilla, Jun 11, 2004.

  1. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    699
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney / Australia
    Hi,
    when is the STABLE update to cPanel 9.4.0 build 10 going to be available ?
     
  2. rs-freddo

    rs-freddo Well-Known Member

    Joined:
    May 13, 2003
    Messages:
    832
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    I think cPanel is still working pretty hard to fix the mess they made. If you are running phpsuexec you are not vulnerable and there is no need to upgrade - shame the big red text doesn't say that eh...:rolleyes:
     
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    right you are. we've been running the most recent STABLE tree w/PHPsuexec and Suexec with no problems for sometime.

    With Phpsuexec enabled, this disables the mod_php apache module which should take care of the security problem. :)

    Mickalo
     
  4. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    699
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney / Australia
    Upgraded apache when I saw the message in WHM as well and got the same issues like everybody else about the broken links for /cpanel and /webmail
    and after waiting for a new STABLE release I had two choices to fix this problem .
    Upgrade to an unstable EDGE release ( which seems to bring even more problems ) or just disable suexec .
    So i just disabled suexec and the links are all working fine again .
    Any feed back from you guys regarding disabling suexec ?
     
    #4 gorilla, Jun 11, 2004
    Last edited: Jun 11, 2004
  5. Jeff-C

    Jeff-C Well-Known Member

    Joined:
    Mar 16, 2004
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    16
    Well, obviously you are now more vulnerable to poorly written exploitable cgi perl scripts or malicious users, but other than that :eek:
     
  6. Sinewy

    Sinewy Well-Known Member

    Joined:
    May 15, 2004
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney, Australia
    cPanel Access Level:
    DataCenter Provider
    ive got suexec disabled no security issues at all.

    i run on RELEASE or CURRENT. i grab the one which is the more up to date.
     
  7. Angel78

    Angel78 Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    413
    Likes Received:
    1
    Trophy Points:
    16
    Do you mean this like, no there are no security issues at all when you disable suexec (I think that you are wrong)

    or

    I havent faced any security issues since I have disabled suexec ?
     
  8. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    699
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Sydney / Australia
    So what exactly are the security issues ?
    Are the external or internal ?
    Is it easier for a hacker to compromise the system externally if suexec is disabled ? Or are you just pointing out that our hosting clients are able to run cgi with the 'nobody' Id ?
     
Loading...

Share This Page