Solved

symbolic links fright

Posted on 2009-05-14
6
446 Views
Last Modified: 2013-11-30
Hello

the cpanel allow to manage symbolic link via fiale manager edit, show content , extract files content symbolic links files ... etc

this can cause hacking , I hope to some one help to disallow all operations on symbolic links in cpanel and make symbolic links files as files disabled or not allow

thank you very much
0
Comment
Question by:xserverx
  • 3
  • 2
6 Comments
 
LVL 43

Expert Comment

by:ravenpl
ID: 24392851
I don't know the cpanel, but You can disable symlinks with .htaccess

Options -AllowSymLinks

the downside is the mod_rewrite requires it - will stop working if symlinks are disabled.
0
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 24392913
I think you need to readup on SElinux policies to pull this off.
And deny certain things to be done.
See more:
http://en.wikipedia.org/wiki/Selinux
0
 

Author Comment

by:xserverx
ID: 24397241
ravenpl: mod_rewrite work behind Options -AllowSymLinks

SElinux : dowsn't work with cpanel

help please :(
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 43

Expert Comment

by:ravenpl
ID: 24398938
> ravenpl: mod_rewrite work behind Options -AllowSymLinks
It's required by mod rewrite used in .htaccess

Anyway, what You expect - apache to ignore symlinks, or Linux to disable creation of symlinks?
0
 

Author Comment

by:xserverx
ID: 24400373
I think you are talking about FllowSymLinks not AllowSymLinks
the mod rewrite work without FllowSymLinks

in Linux anyone can create symbolic links to specifics files from their computer then compress as tar.gz , from cpanel its possible to extract this archive so symbolic link work fine in cpanel he can edit the target file via file manager editor and download the file ... etc (cpanel doesn't work behind apache for we can stop this matter with Options -FllowSymLinks ).

what is the solution here , is it possible for example to reconfigure cpsrvd for control symbolic links , or what can we doing to stop this ?


0
 

Author Closing Comment

by:xserverx
ID: 31581525
thank you
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now