cPanel File Manager has too much access (bug?)

  • cPanel File Manager has too much access (bug?)

    Hello cloudlinux team,
    I noticed the cPanel "File Manager" is not working inside the cage and supports symlink following: it allows a normal cPanel user to upload their own symlink pointing to some file (for example /etc/passwd) or directory on the server with world-readable permissions and read it. A user can also just put some files in a writable directory to use up all the inodes on the partition. I also noticed a cPanel user can just write into their own "etc/website_folder/passwd and shadow" files to create new mailboxes, avoiding plan limits. Please explain: are these bugs or just misconfiguration?

  • #2
    Hello,

    cPanel features like the file manager or webmail are working with their own services. They are not entering CageFS at all. The solution for the symlink creation issue is to enable Link Traversal Protection: http://docs.cloudlinux.com/index.htm...rotection.html



    • #3
      > Hello,
      >
      > cPanel features like the file manager or webmail are working with their own services. They are not entering CageFS at all. The solution for the symlink creation issue is to enable Link Traversal Protection: http://docs.cloudlinux.com/index.htm...rotection.html

      Thank you for the recommendation, but what about the ability to create mailboxes by writing directly into the user's "etc/website folder/passwd and shadow" files, avoiding cPanel tariff plan limits?



      • #4
        I am not sure I understand... could you please provide me with the steps needed to reproduce the possible issue?



        • #5
          1) Have a cPanel account with a limited mailbox count. http://meson.ad-l.ink/7RsVdMNwb/image.png

          2) Edit the files "etc/domainname/passwd" and "etc/domainname/shadow" with cPanel File Manager to add a new mail account. http://meson.ad-l.ink/6sSbg45NK/image.png These files have permissions 640 with owner accountname:mail to give dovecot the ability to read them. After saving the edited files the group permissions will be dropped and dovecot is unable to access them; to give it access again we can set read permissions for all. http://meson.ad-l.ink/8rLHfq9yD/image.png

          3) Use the new accounts without caring about limits and warnings. http://meson.ad-l.ink/6WR2lWZc5/image.png



          • #6
            Hello,

            I was able to reproduce the issue, however I worry that we on the CloudLinux side could not fix it. This is all handled by cPanel functionality, and it should be reported to the cPanel team. It is better to create a support ticket with them, or write to their forum.

            Thank you.

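A host-side audit for the two conditions raised in this thread (the symlink escape from post #2 and the hand-edited etc/&lt;domain&gt;/passwd and shadow files from post #5), written as an added example that is not CloudLinux's or cPanel's own code: it flags symlinks under an account's home that resolve outside it, mail passwd/shadow files whose mode is no longer 0640, and domains whose mailbox count exceeds a plan limit the caller supplies. The passwd format (one mailbox per non-empty line) and the source of the limits are assumptions; the sample home directory it builds is constructed.

```python
import os
import tempfile
from pathlib import Path
from typing import Dict, List

EXPECTED_MODE = 0o640  # owner rw, group (mail) r, as described in post #5


def audit_home(home: str, mailbox_limits: Dict[str, int]) -> List[str]:
    """Return findings for one account home; mailbox_limits maps domain ->
    allowed mailbox count (assumed to be supplied from the plan data)."""
    home_path = Path(home).resolve()
    findings: List[str] = []
    # Check 1: symlinks whose resolved target lies outside the account's home
    # (the condition Link Traversal Protection is meant to block).
    for root, dirs, files in os.walk(home_path):  # does not follow links
        for name in dirs + files:
            p = Path(root) / name
            if p.is_symlink():
                target = Path(os.path.realpath(p))
                if target != home_path and home_path not in target.parents:
                    findings.append(f"symlink-escape {p} -> {target}")
    # Check 2: per-domain mail passwd/shadow mode and mailbox count.
    etc_dir = home_path / "etc"
    domains = [d for d in sorted(etc_dir.iterdir()) if d.is_dir()] if etc_dir.is_dir() else []
    for dom in domains:
        for fname in ("passwd", "shadow"):
            f = dom / fname
            if f.is_file() and (f.stat().st_mode & 0o777) != EXPECTED_MODE:
                findings.append(f"bad-mode {f} {f.stat().st_mode & 0o777:04o}")
        passwd = dom / "passwd"
        if passwd.is_file():
            # Assumption: one mailbox per non-empty line of passwd.
            count = sum(1 for ln in passwd.read_text().splitlines() if ln.strip())
            limit = mailbox_limits.get(dom.name)
            if limit is not None and count > limit:
                findings.append(f"over-limit {dom.name} {count} > {limit}")
    return findings


def build_sample_home() -> str:
    """Constructed throwaway home directory exhibiting all three conditions."""
    home = Path(tempfile.mkdtemp(prefix="cpuser_"))
    (home / "public_html").mkdir()
    (home / "public_html" / "real.txt").write_text("fine\n")
    (home / "public_html" / "ok").symlink_to("real.txt")      # stays inside home
    (home / "public_html" / "leak").symlink_to("/etc/passwd")  # points outside
    dom = home / "etc" / "example.com"
    dom.mkdir(parents=True)
    (dom / "passwd").write_text("a:x\nb:x\nc:x\n")  # three mailboxes, plan allows two
    (dom / "passwd").chmod(EXPECTED_MODE)
    (dom / "shadow").write_text("a:h\nb:h\nc:h\n")
    (dom / "shadow").chmod(0o644)  # the "read for all" workaround from post #5
    return str(home)
```

Running `audit_home(build_sample_home(), {"example.com": 2})` reports the escaping `leak` link, the 0644 shadow file and the over-limit domain, and stays silent on the in-home `ok` link and the correctly-moded passwd file.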
