sneader

Well-Known Member
Aug 21, 2003
1,179
57
178
La Crosse, WI
cPanel Access Level
Root Administrator
I have a potential new customer that is asking if we allow customers to use wget. I tried it with a random hosting account and I get:

[email protected] [~]# wget http://www.example.com/index.htm
-bash: /usr/bin/wget: Permission denied

I see that /usr/bin/wget has 700 permissions and is owned by root.

I'm assuming there are security repercussions of allowing wget for users. Anyway, I'd appreciate any general discussion about wget security, alternatives for users, etc.

Thanks!

- Scott
 

brianoz

Well-Known Member
Mar 13, 2004
1,146
7
168
Melbourne, Australia
cPanel Access Level
Root Administrator
There are horrible security repercussions - hackers use it to download their toolkits when they are trying to crack into your accounts, so keeping it turned off will save you a whole world of pain!

The two alternatives I can think of from the top of my head are:

create a wget group, make it perm 710 and change it's group to wget, and add users to wget group as needed
Code:
groupadd wget
chgrp wget /usr/bin/wget
chmod 710 /usr/bin/wget
usermod (options) username
(read the manual for relevant usermod options)

create a separate binary called "wget.4x" and tell only some users what the name of the binary is, with permissions 755:
Code:
cp /usr/bin/wget /usr/local/bin/wget.4x
chmod 711  /usr/local/bin/wget.4x
This second method is probably the easiest ...
 
  • Like
Reactions: sneader