Announcement

Collapse
No announcement yet.

CageFS (3.2-12.el5) and /var question

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    CageFS (3.2-12.el5) and /var question

    With the default cagefs.mp
    having:

    Code:
    /var/lib/mysql

/var/spool

/var/cpanel

/dev/pts

/usr/local/apache/domlogs

/proc

/opt
    in /var/spool/mail as a caged user I can see all usernames of all other accounts.
    Its not a big deal but still remains a threat, someone can harvest all usernames
    and start guessing / brute forcing passwords, or guess the domain names from them
    (cpanel creates username based on domain) and start digging it more...

    Can I somehow block access to it ?
    Tags: None
  • #2
    Hello!

    Please, remove line
    /var/spool
    from /etc/cagefs/cagefs.mp file
    and then execute
    cagefsctl --remount-all

    Comment

    • #3
      What should a regular cagefs.mp file contain to work normally but a bit strict ?

      Comment

      • #4
        It depends on the server & presence of litespeed webserver.
        You can try executing:
        cagefsctl --create-mp

        And it will create /etc/cagefs/cagefs.mp -- trying to put only the things that are necessary.

        Comment

        • #5
          cagefsctl --create-mp creates this

          /var/lib/mysql
          /var/spool
          /var/cpanel
          /dev/pts
          /usr/local/apache/domlogs
          /proc
          /var/run/proxyexec/cagefs.sock
          /opt

          so I suppose it needs /var/spool

          Comment

          Previous template Next
          Working...
          X