The Community Forums


What is THIS?

Discussion in 'Security' started by DjiXas, Sep 11, 2010.

  1. DjiXas

    DjiXas Well-Known Member

    When will this be fixed?????????????
     
  2. Davetha

    Davetha Member
    PartnerNOC

    Hi DjiXas,
    We reported this over a year ago to cPanel. I know a lot of scripts use FollowSymLinks, so what we ended up doing at www.HostGator.com is writing a patch for Apache that forced FollowSymLinks to function the same as the SymLinksIfOwnerMatch option.

    Sites can be exploited very easily with follow symlinks being enabled or unpatched.
     
    #2 Davetha, Sep 12, 2010
    Last edited: Sep 14, 2010
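The owner-match rule Davetha's patch enforces is simple to state: follow a symlink only when the link and the file it points to belong to the same uid. The added example below (my own audit script, not HostGator's patch and not part of this thread) applies that rule to a directory tree so an administrator can see which links the owner-match setting would refuse. It deliberately does the comparison the same way Apache must, with two separate system calls (`lstat` on the link, `stat` on the target), because that is where the race condition the next reply mentions comes from. The sample tree is constructed in a temporary directory.

```python
import os
import stat
import tempfile


def symlink_owner_status(path):
    """Classify one path the way an owner-match rule would.

    Returns "not-a-symlink", "dangling", "match" or "mismatch".
    Note the two calls: lstat() reads the link itself, stat() follows it.
    Nothing pins the link between the two calls, so the answer is only a
    point-in-time snapshot; this is exactly the TOCTOU window the Apache
    documentation warns about for SymLinksIfOwnerMatch.
    """
    link_st = os.lstat(path)
    if not stat.S_ISLNK(link_st.st_mode):
        return "not-a-symlink"
    try:
        target_st = os.stat(path)
    except FileNotFoundError:
        return "dangling"
    return "match" if link_st.st_uid == target_st.st_uid else "mismatch"


def audit_symlinks(root):
    """Walk root without following links and classify every symlink found.

    Returns {relative_path: status}. A "mismatch" entry is a link that
    SymLinksIfOwnerMatch would refuse to serve: it points at a file owned by
    another account, which is the pattern worth reviewing on a shared host.
    """
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                findings[os.path.relpath(full, root)] = symlink_owner_status(full)
    return findings


def build_demo_tree():
    """Constructed sample: one regular file, one link to it, one dangling link.

    Everything is created by the current user, so no "mismatch" can appear
    here; on a real server a mismatch needs a link whose target belongs to
    another uid, which an audit run as root will surface.
    """
    root = tempfile.mkdtemp(prefix="symlink-audit-")
    data = os.path.join(root, "data.txt")
    with open(data, "w") as fh:
        fh.write("constructed sample content\n")
    os.symlink(data, os.path.join(root, "link-to-own-file"))
    os.symlink(os.path.join(root, "missing.txt"), os.path.join(root, "dangling-link"))
    return root


if __name__ == "__main__":
    demo_root = build_demo_tree()
    for rel, status in sorted(audit_symlinks(demo_root).items()):
        print(f"{status:14s} {rel}")
```

Run it as root over the account home directories to get a snapshot of links that cross ownership boundaries. Because the check is inherently racy, treat the output as an inventory for review, not as proof that the owner-match option is protecting anything at request time.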
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    As the Apache developers themselves note (core - Apache HTTP Server) symlink testing is prone to race conditions that allow the check to be circumvented. Specifically the behavior of SymLinksIfOwnerMatch should not be considered a security safeguard or measure.

    A surer safeguard is to put measures in place that reduce the amount of code that runs as the Apache user ('nobody' on a cPanel system). Things such as suPHP, suexec and so forth can help with this.

    In conjunction with reducing the use of the Apache user, having restrictive ownership and permissions on files and directories will reduce the target vector. Specifically, removing the need for Everyone to have access to files and directories in the user's home directory.
     
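The second half of cPanelKenneth's advice, removing "Everyone" access from files and directories under a user's home, is easy to audit with a mode-bit walk. The added example below (my own script, not cPanel's tooling) reports every entry under a directory that grants any permission to the "other" class, and shows the mode it would have with those bits stripped. It inspects entries with `lstat` so symlinks are never followed, and it skips the symlinks themselves because their own mode bits are not consulted on Linux. The sample home directory is constructed in a temporary location.

```python
import os
import stat
import tempfile

# r/w/x bits for the "other" class, i.e. everyone who is not the owner or group
WORLD_BITS = stat.S_IRWXO


def strip_world_bits(mode):
    """Return mode with all 'other' permissions removed (0o755 -> 0o750)."""
    return mode & ~WORLD_BITS


def world_accessible(root):
    """List entries under root (root itself included) that grant 'other' any access.

    Returns [(relative_path, "0755")] with the mode formatted as four octal
    digits. Symlinks are skipped: their target is checked where it lives.
    """
    entries = [root]
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        entries.extend(os.path.join(dirpath, n) for n in dirnames + filenames)
    findings = []
    for path in entries:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue
        mode = stat.S_IMODE(st.st_mode)
        if mode & WORLD_BITS:
            findings.append((os.path.relpath(path, root), f"{mode:04o}"))
    return findings


def build_demo_home():
    """Constructed sample home: a world-traversable top level and a world-readable
    config file next to a properly locked-down .ssh directory."""
    home = tempfile.mkdtemp(prefix="home-audit-")
    os.chmod(home, 0o755)                      # common default: everyone may traverse
    pub = os.path.join(home, "public_html")
    os.mkdir(pub)
    os.chmod(pub, 0o750)                       # owner + group only
    cfg = os.path.join(pub, "config.php")
    with open(cfg, "w") as fh:
        fh.write("<?php // constructed sample, pretend this holds credentials\n")
    os.chmod(cfg, 0o644)                       # world-readable: the finding we want to see
    ssh = os.path.join(home, ".ssh")
    os.mkdir(ssh)
    os.chmod(ssh, 0o700)
    key = os.path.join(ssh, "id_ed25519")
    with open(key, "w") as fh:
        fh.write("constructed placeholder, not a real key\n")
    os.chmod(key, 0o600)
    return home


if __name__ == "__main__":
    demo_home = build_demo_home()
    for rel, mode in world_accessible(demo_home):
        fixed = strip_world_bits(int(mode, 8))
        print(f"{mode} -> {fixed:04o}  {rel}")
```

Every line of output is a candidate for tightening, not an automatic change: a directory the web server still traverses as 'nobody' to reach static content may need to keep its execute bit, so decide per finding rather than applying the stripped mode blindly.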
