Solved

symbolic links fright

Posted on 2009-05-14
6
442 Views
Last Modified: 2013-11-30
Hello

the cpanel allow to manage symbolic link via fiale manager edit, show content , extract files content symbolic links files ... etc

this can cause hacking , I hope to some one help to disallow all operations on symbolic links in cpanel and make symbolic links files as files disabled or not allow

thank you very much
0
Comment
Question by:xserverx
  • 3
  • 2
6 Comments
 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
I don't know the cpanel, but You can disable symlinks with .htaccess

Options -AllowSymLinks

the downside is the mod_rewrite requires it - will stop working if symlinks are disabled.
0
 
LVL 39

Accepted Solution

by:
noci earned 500 total points
Comment Utility
I think you need to readup on SElinux policies to pull this off.
And deny certain things to be done.
See more:
http://en.wikipedia.org/wiki/Selinux
0
 

Author Comment

by:xserverx
Comment Utility
ravenpl: mod_rewrite work behind Options -AllowSymLinks

SElinux : dowsn't work with cpanel

help please :(
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 
LVL 43

Expert Comment

by:ravenpl
Comment Utility
> ravenpl: mod_rewrite work behind Options -AllowSymLinks
It's required by mod rewrite used in .htaccess

Anyway, what You expect - apache to ignore symlinks, or Linux to disable creation of symlinks?
0
 

Author Comment

by:xserverx
Comment Utility
I think you are talking about FllowSymLinks not AllowSymLinks
the mod rewrite work without FllowSymLinks

in Linux anyone can create symbolic links to specifics files from their computer then compress as tar.gz , from cpanel its possible to extract this archive so symbolic link work fine in cpanel he can edit the target file via file manager editor and download the file ... etc (cpanel doesn't work behind apache for we can stop this matter with Options -FllowSymLinks ).

what is the solution here , is it possible for example to reconfigure cpsrvd for control symbolic links , or what can we doing to stop this ?


0
 

Author Closing Comment

by:xserverx
Comment Utility
thank you
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Issue to mail 11 35
Problem to start Neon 20 48
Cisco ASA5508-X vs Barracuda X200 2 18
RDP Sonicwall 8 19
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now