The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

wwwacct bug

Discussion in 'General Discussion' started by Arthur, Jul 22, 2003.

  1. Arthur

    Arthur Member

    Joined:
    Jan 23, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Hello Nick,

    I think you should move the following lines from line 791 to line 813 in /scripts/wwwacct.
    cPanel.net Support Ticket Number:
     
  2. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Probably a good idea (thats why its marked experimental in easyapache)

    cPanel.net Support Ticket Number:
     
  3. Arthur

    Arthur Member

    Joined:
    Jan 23, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Hi Nick,

    Another bug was found: After using WHM and Cpanel to install Frontpage, folder public_html will be chgrp to owner. Could you please fix this?

    Thank you.

    cPanel.net Support Ticket Number:
     
  4. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    Hint: send in support ticket too.

    cPanel.net Support Ticket Number:
     
  5. Arthur

    Arthur Member

    Joined:
    Jan 23, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Ticket submitted.

    cPanel.net Support Ticket Number: 19092
     
  6. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    Isn't that how it's supposed to be? Isn't the group always the same as the username?
     
  7. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Its fixed in the latest /scripts

    cPanel.net Support Ticket Number:
     
  8. Arthur

    Arthur Member

    Joined:
    Jan 23, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    If you use webroot protection (an experimental option in easyapache), public_html will be chgrp to nobody and chmod to 750, which can avoid that someone steals other users' data via shell or cgi.

    cPanel.net Support Ticket Number:
     
  9. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    Is this option working ok now with the latest scripts? if so, I can go rebuild my apache to add this webroot protection.

    cPanel.net Support Ticket Number:
     
  10. Arthur

    Arthur Member

    Joined:
    Jan 23, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Yes, Nick has fixed it.

    cPanel.net Support Ticket Number:
     
  11. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    I'm using it on my box now :)

    cPanel.net Support Ticket Number:
     
  12. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    Thanks :)

    All sounds great! I will do this tonight.

    cPanel.net Support Ticket Number:
     
  13. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Egypt
    Do I have to recompile apache or just use:
    /scripts/enablefileprotect
    ?

    cPanel.net Support Ticket Number:
     
  14. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Just the script

    cPanel.net Support Ticket Number:
     
  15. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    I don't think I quite follow what it is supposed to do then.

    If you don't run phpsuexec, people can still use php scripts to snoop around, as user nobody, in other users' directories, right?

    cPanel.net Support Ticket Number:
     
  16. Arthur

    Arthur Member

    Joined:
    Jan 23, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    This is why I say that it can stop stealing other users' data via shell or cgi.

    You can use "php open_basedir Tweak" to avoid bad php scripts.

    cPanel.net Support Ticket Number:
     
  17. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    That script is only chmoding the existing user directories 711. It's not chowning or chmoding the existing public_htmls to owner.nobody 750. Is there a separate script to do that?
     
  18. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Egypt

    That script is only chmoding the existing user directories 711. It's not chowning or chmoding the existing public_htmls to owner.nobody 750. Is there a separate script to do that?
    [/QUOTE]

    pico /scripts/enablefileprotect

    You will see at the bottom:

    chmod 0711, $homedir;
    chown $useruid,$httpgid, "${homedir}/public_html";
    chown $useruid,$httpgid, "${homedir}/public_html/_vti_pvt";
    chmod 0750, "${homedir}/public_html";


    try to update the scripts (/scripts/updatenow)

    cPanel.net Support Ticket Number:
     
  19. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    You can now reverse the changes that /scripts/enablefileprotect makes with a new script that they just added called /scripts/disablefileprotect.

    It was causing the majority of our cgi scripts to stop working. But after running the disabler all was well.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page