Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Suggestions / Sendmail Analyzer support
« on: April 20, 2020, 08:46:47 AM »
Hi,
It would be nice if you could add conf file for cwpsrv nginx, for those who have sendmailanalyzer installed.
It would be nice if you could add conf file for cwpsrv nginx, for those who have sendmailanalyzer installed.
2
CentOS-WebPanel Bugs / Bug: Imported cpanel account with FTP path set outside of user home dir . . .
« on: April 16, 2020, 02:23:44 PM »
There is potentially serious bug when importing cpanel account backup.
Scenario:
Root account can edit ftp account homedir folder in pure-ftpd conf file.
For example, account home folder is /home/account/ftpaccount but can be edited into / *
Pack such account and import into CWP and said ftp account now have read only access to root directory /. Potential attacker can prepare such account and gain access to all user files on new server.
Cpanel does necessary checks and fixes such "errors" automatically.
Scenario:
Root account can edit ftp account homedir folder in pure-ftpd conf file.
For example, account home folder is /home/account/ftpaccount but can be edited into / *
Pack such account and import into CWP and said ftp account now have read only access to root directory /. Potential attacker can prepare such account and gain access to all user files on new server.
Cpanel does necessary checks and fixes such "errors" automatically.
Pages: [1]
