CageFS (3.2-12.el5) and /var question

chris replied

05-08-2012, 12:48 PM
cagefsctl --create-mp creates this

/var/lib/mysql
/var/spool
/var/cpanel
/dev/pts
/usr/local/apache/domlogs
/proc
/var/run/proxyexec/cagefs.sock
/opt

so I suppose it needs /var/spool
Leave a comment:
iseletsk replied

05-08-2012, 12:24 PM
It depends on the server & presence of litespeed webserver.
You can try executing:
cagefsctl --create-mp

And it will create /etc/cagefs/cagefs.mp -- trying to put only the things that are necessary.
Leave a comment:
chris replied

05-08-2012, 12:23 PM
What should a regular cagefs.mp file contain to work normally but a bit strict ?
Leave a comment:
avolkov replied

05-07-2012, 09:52 AM
Hello!

Please, remove line
/var/spool
from /etc/cagefs/cagefs.mp file
and then execute
cagefsctl --remount-all
Leave a comment:
mikael started a topic CageFS (3.2-12.el5) and /var question

04-27-2012, 01:11 PM
CageFS (3.2-12.el5) and /var question
With the default cagefs.mp
having:

Code:

/var/lib/mysql /var/spool /var/cpanel /dev/pts /usr/local/apache/domlogs /proc /opt

in /var/spool/mail as a caged user I can see all usernames of all other accounts.
Its not a big deal but still remains a threat, someone can harvest all usernames
and start guessing / brute forcing passwords, or guess the domain names from them
(cpanel creates username based on domain) and start digging it more...

Can I somehow block access to it ?
Tags: None

Announcement