User with simple script can read and list file

Discussion in 'General Discussion' started by Venomous, Jan 7, 2004.

  1. Venomous
    Hello,
    I have posted the same question on the RS forum; this is my question.
    I have been using cPanel for some months, but only for one large site. Yesterday, with a simple Perl script, this one http://brawl-hall.com/pages/downloads/telnet.tar.gz, I noticed that everyone can read the password file from the browser, list the /etc directory and more. I have never studied cPanel a lot, but since I am going to launch a free hosting service that also uses MySQL authentication for proftpd, I have seen that everyone can read the password in /etc/proftpd.conf. I'm a bit confused: is it possible that cPanel doesn't have a feature to chroot every account? I have searched this forum, but no luck. The idea of letting every user read the files on my machine is terrible :( Any suggestions are very welcome.
    Thanks in advance.
     
  2. jdp
    I just noticed the same thing myself today. This is a MAJOR SECURITY PROBLEM!

    The files in /etc/proftpd were all set world readable! These files contain an exact copy of the system passwords for each user, so anyone with shell access could log in and download the password files, crack them, and gain access.

    I did a simple
    cd /etc/proftpd
    chmod 640 *
    chmod 660 passwd.vhosts

    to correct the problem, at least for now, but this is a major issue that should not be overlooked!
     
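The permission fix in the post above, turned into a repeatable audit. This is an added example, not part of the thread: it lists regular files under a directory whose "other" read bit is set (the condition jdp found in /etc/proftpd) and applies the same 640 / 660 tightening he describes. The directory path and the passwd.vhosts file name are taken from the post; that the FTP service reads these files as root or via group membership is an assumption, so verify it still works after tightening.

```shell
#!/bin/sh
# Added example (not from the thread). Audits a directory such as /etc/proftpd
# for files readable by "other" users and applies the post's remediation.

# Print every regular file under $1 that has the other-read bit (o+r) set.
# -perm -004 matches any file with that bit, whatever the rest of the mode is.
audit_world_readable() {
    dir=$1
    find "$dir" -type f -perm -004 2>/dev/null | sort
}

# Return 0 when nothing under $1 is world-readable, 1 otherwise.
check_clean() {
    [ -z "$(audit_world_readable "$1")" ]
}

# Apply the remediation from the post to $1: 640 on every regular file,
# 660 on passwd.vhosts if it exists. Owner and group keep access (assumption:
# the FTP daemon runs as root or a member of that group); "other" loses it.
tighten_proftpd_dir() {
    dir=$1
    find "$dir" -type f -exec chmod 640 {} +
    if [ -f "$dir/passwd.vhosts" ]; then
        chmod 660 "$dir/passwd.vhosts"
    fi
}

# Usage: audit first, then tighten only if something is exposed.
# Example (assumed path): sh audit.sh /etc/proftpd
if [ -n "$1" ] && [ -d "$1" ]; then
    if check_clean "$1"; then
        echo "no world-readable files under $1"
    else
        echo "world-readable files under $1:"
        audit_world_readable "$1"
        tighten_proftpd_dir "$1"
    fi
fi
```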
  3. alex042
    What security do you have enabled?

    suexec is supposed to help control cgi/perl scripts, phpsuexec PHP scripts; safe_mode should prevent people from running some of those scripts, and open_basedir should confine people to their directories. Maybe a combination of these will keep your server more secure.
     
  4. jdp
    That might very well help attacks over the web, but when users have shell access all bets are off unless they are jailed into their home dirs.
     
  5. dgbaker
    Your users should be jailed and not have pure ssh.
     