[Ask] What services are outside of CageFS?

hatoan.vniss

Junior Member

Join Date: Mar 2021

Posts: 7
- Share
- Tweet
#1

[Ask] What services are outside of CageFS?

06-10-2016, 11:15 PM

Hi CL-er,

Im working with CL (kernel 2.6.32-604.30.3.lve1.3.63.el6.x86_64 ). CageFS will hide all sensitive information. According to CL docs, WebDAV, cPanel file manager, webmail can be attacked by symlink bypass. So, What services are outside of CageFS?

How local attack can perform in CL?
Tags: None
bogdan.sh

Administrator

Join Date: Nov 2016

Posts: 1150
- Share
- Tweet
#2

06-22-2016, 07:28 AM

Hello,

It is easier to answer what is limited to cagefs - it will cage any scripts execution done via:

- Apache (suexec, suPHP, mod_fcgid, mod_fastcgi)â€¢
- LiteSpeed Web Server
- Cron Jobs
- SSH
- Any other PAM enabled service

Cpanel work as root user and its file manager works outside of CageFS. Actually, thats why symlink protection has been implemented.
Same for their webmail. We do not know any kind of attack that could bypass cagefs and jump outside.
Comment

Announcement