Control Web Panel
WebPanel => Backup => Topic started by: ripieces on June 06, 2016, 08:34:17 AM
-
Hello.
I am not sure if this problem only affects me or if it's a general problem:
The backup folder and the files created in the backup folder are owned by root:root, however they are readable for all other users.
I did
chmod -R o-rx /backup
now to fix this myself.
I think if possible this should be changed in CWP, since if one user is compromised the user will be able to read all the files of the other users from the backup folder, which includes database settings / passwords and so on.
-
I second this change.
I right now test, and my server has this problem too.