Enabled Suphp But Still Can Read /etc/passwd

Nov 8, 2008

It there any good way to stop using from reading /etc/passwd?

I have suPHP enabled and open_basedir enabled by WHM too. But it seems susphp ignores open_basedir restrictions?

Here is virtual host config:

<VirtualHost x.x.x.x:80>
<IfModule concurrent_php.c>
php4_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/p$
php5_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule !concurrent_php.c>
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/li$
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule sapi_apache2.c>
php_admin_value open_basedir "/home/xxx/:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/li$
</IfModule>
</IfModule>
ServerName xxx.com
ServerAlias www.xxx.com
DocumentRoot /home/xxx/public_html
ServerAdmin webmaster@xxx.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/xxx.com combined
CustomLog /usr/local/apache/domlogs/xxx.com-bytes_log "%{%s}t %I .
%{%s}t %O ."
## User xxx # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup xxx xxx
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxx xxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxx/public_html/cgi-bin/
DocumentRoot /home/xxx/public_html
ServerAdmin webmaster@xxx.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/xxx.com combined
CustomLog /usr/local/apache/domlogs/xxx.com-bytes_log "%{%s}t %I .
%{%s}t %O ."
## User xxx # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup xxx xxx
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup xxx xxx
</IfModule>
ScriptAlias /cgi-bin/ /home/xxx/public_html/cgi-bin/
# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2/xxx/xxx.com/*.conf"

</VirtualHost>

Scripts are running with user's UID, and that is fine, but it can still read /etc/passwd file for example.

How to fix that? Is it really open_basedir value is ignored by susphp? It works fine if I remove suphp and run scripts with nobody uid.

View 10 Replies


ADVERTISEMENT

Unable Read /etc/passwd. /etc/passwd MUST Be World Readable Under UN*X Operating Sys

Feb 14, 2008

i run one bad command :-(

chmod -R 644 /

and this command changes all permision in root server
have any away for fixed all permision in centos?

because all site take error

i use of cpanel

View 14 Replies View Related

Permission Denied: /home/airtrade/etc/airtrade.com.tw/passwd Passwd

Jul 20, 2008

Permission denied: /home/airtrade/etc/airtrade.com.tw/passwd passwd this is the error message obtained upon trying to create email accounts in cpanel.

the present permissions of the passwd file is 644 and ownership is username nobody i tried changing it to username.mail but still the same error

View 1 Replies View Related

/etc/passwd

Mar 4, 2007

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0ync:/sbin:/bin/sync
shutdown:x:6:0hutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0perator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81ystem message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74rivilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32ortmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
htt:x:100:101:IIIMF Htt:/usr/lib/im:/sbin/nologin
canna:x:39:39:Canna Service User:/var/lib/canna:/sbin/nologin
wnn:x:49:49:Wnn Input Server:/var/lib/wnn:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:101:102:MySQL server:/var/lib/mysql:/bin/bash
mailman:x:32001:32001::/usr/local/cpanel/3rdparty/mailman:/bin/bash
cpanel:x:32002:32003::/usr/local/cpanel:/bin/bash
johnny:x:32003:32004::/home/dorn:/usr/local/cpanel/bin/noshell
angel:x:32004:32005::/home/angeliq:/bin/false
clamav:x:32015:32017:Clam AntiVirus:/home/clamav:/bin/false

I heard it may pose a security risk for those unneeded users. Which lines can I remove?

View 1 Replies View Related

Passwd For SSH

Oct 21, 2007

i been wonder today when i try to login my account @box by SSH 21

the password is changed i think!

and when i see the logs files there is no stranger ip!

and there is no email about changeing password for my mail!

i tried to log in by another account in my server and trying to su root permission by my password

but passwd incorect!

and i change the Mysql root passwd and same thing

my support they sleep before 3 days so i should to figure my problem alone...

how to reset my root ssh passwd?

am useing Plesk VPS ...

View 8 Replies View Related

Passwd- And Shadow- Files

Apr 5, 2009

I have been googling this for a while but am not getting anywhere. Curiosity has gotten the best of me, what are the passwd- and shadow- files used for? The date and time stamps for both the passwd- and passwd files are exactly the same, as are the shadow- and shadow files.

Are they automatically-created backups of the passwd and shadow files?

View 2 Replies View Related

How Can I Save My /etc/passwd File

Nov 3, 2007

how can i save /etc/passwd there is many linux order which show my users on server
such as :

cat /etc/passwd
cat /var/cpanel/acounting.log
ls -la /etc/valiases
ls /var/named

-----------------
and how can i disable the geting orders
such as :

wget
curl -o
lynx

View 8 Replies View Related

User Can See /etc/passwd. How To Stop This

Sep 1, 2007

We have CentOS and WHM 11 on the server. Also we have PHP 4.4.4 and open base dir enabled on the server . We have a shared server with many website configured on it.

Now The user uses the following PHP code and can see the /etc/passwd file
=============================================
<?
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include("/etc/passwd");
ini_restore("safe_mode");
ini_restore("open_basedir");
echo ini_get("safe_mode");
echo ini_get("open_basedir");
include("/etc/passwd");
?>
============================================

Now how to stop this. This is a security hole. how to stop this.

View 11 Replies View Related

Passwd: Authentication Token Manipulation Error

Mar 8, 2009

I set up a new account for a client using my reseller. He went to change the password and he is getting this error

There was an error manipulating the password file. This generally means you entered your old password incorrectly.

Changing password for user xxxxx.

Changing password for xxxxx

(current) UNIX password:

passwd: Authentication token manipulation error

The thing is, he is putting the password in correct. I made sure of that

I am able to change it in whm and i am able to log in to the account, i just cant change the password from cpanel

View 3 Replies View Related

Resetting A Root Password After /etc/passwd / Strangeness

Dec 27, 2007

We've had a customer do something strange to their server. They were playing with /etc/passwd or /etc/shadow or similar (not quite sure of the details) but the upshot is booting the server into single user and trying to reset the password via passwd gives

passwd root (and any user)
passwd: Authentication token manipulation error

So far I've

Replaced /etc/passwd* and /etc/shadow* with a copy from another server
Turned off SeLinux
/etc/pam.d/passwd is fine
Root file system is r/w

View 1 Replies View Related

Suphp

Nov 13, 2007

I use "suphp" on 3 servers I own with apache 2.2.6 and suddenly yesterday (15 hours ago) one of the servers show "Internal server error" on all sites.

Tried rebuilding apache and php 4 times with no fix until I came to try handling php with cgi instead. (I always like to track who is using apache processes)

well. getting to this fix was after 10 hours of all sites not working on the server.

now (5 minutes ago) I go to http://www.suphp.org to read their docs for solution to find this

Quote:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, hostmaster@marsching.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.
Apache Server at www.suphp.org Port 80

Why did this suddenly arise while No changes were done on server software or config?

I believe this happens after the first coming apache restart or something but dunno what was the reason yet

maybe suphp.org guys have to update us when their site comes back online

View 5 Replies View Related

S.M.A.R.T Not Enabled

Dec 18, 2008

I have dedicated server running CentOS 5.2 with the latest release of cPanel.

Every night /scripts/upcp runs and I get e-mail. I am worried about this part:

Checking /dev/sda....S.M.A.R.T does not appear to be enabled for this device.

Checking /dev/sdb....S.M.A.R.T does not appear to be enabled for this device.

How do I enable S.M.A.R.T. (should I?) permanently?

View 11 Replies View Related

FastCgi Or SuPHP

Apr 1, 2009

what do you prefer?

fastcgi or suphp?

which one is better with suexec (in security and resource usage)?

View 11 Replies View Related

SuPHP Along With Suhosin

Oct 28, 2009

we have installed suPHP along with suhosin on server to prevent upload of illegal scripts but still we are having problems with scripts used for phishing web sites! We have a lot of Joomla users and other php apps installed on server.

View 5 Replies View Related

How To Remove Suphp

Mar 23, 2009

i have many problem from this

i want to remove it

i had recompiled apache without it but it still working

View 2 Replies View Related

SuPHP Or EAccelerator

Jul 22, 2009

I have a Linux server for shared hosting in which I am using Cpanel/WHM. I have PHP running as suPHP which I believe is for security. The problem I am facing is a lot of PHP based websites create load on the server and consume as much as 10% of the CPU and sometimes some script even consumes 50% CPU. I think I can reduce the load caused by the PHP scripts by installing eAccelerator. However, it does not work with PHP running as suPHP. Can anybody tell me which one should I choose of the both? Is there any other way to reduce the load on the server?

View 14 Replies View Related

Suexec And Suphp?

Feb 8, 2008

what are suexec / suphp and for what purpose we use it.

View 1 Replies View Related

SuPhp Use A Lot Of Resource

May 22, 2008

we are try SuPhp on Cpanel server but seem that is use a lot of resource, on 2 X quad core server we can't add more than 300 domains for server, whic configuration do u use? any alternative solution?

View 7 Replies View Related

PHP 5 Handler (DSO Vs SUPHP)

Jun 25, 2008

somebody suphp?

What is your advice?

View 6 Replies View Related

PHPSuExec Or Mod SuPHP

Mar 18, 2008

I'm wondering which one is the best with cPanel and Apache 1.3.41. The server will be used for shared hosting.

View 11 Replies View Related

Php 5 Handler Dso Vs Cgi Vs SuPHP

Mar 19, 2008

I wanted to ask an advice which php handler is the most secure to have on a shared server:

dso vs cgi vs SuPHP

I currently have dso with Suexec on and few accounts are getting phishing sites uploaded so I read that SuPHP is safer. What do you recommend?

If I do change the server to SuPHP should I enable Suexec as well in the whm: Configure Suexec and PHP?

View 9 Replies View Related

Suphp And Suhosin ..

Nov 27, 2008

i have install suhosin and i want to know that should i install suphp too?

and

do you recomend me to install suphp?

View 2 Replies View Related

Need CURL Enabled

Apr 9, 2009

I have a Linux-Debian server, I have Apache2, PHP ect setup for a basic website im running on it too, However I need cURL enabled, I cant seem to find any options in the php.ini files to enable cURL at all.

I know that you just uncomment it to enable it however I dont see it at all, even it being disabled. I opened it in notepad and used the SEARCH feature and it couldnt find it eithier.

View 5 Replies View Related

Suphp On Webmin With Debian 5

Jun 24, 2009

I have just installed my vps with webmin on debian 5 and I need a guide to how to configure my system to use suphp, Ive googled it but not come back with any clear guide.

I better add Ive plunged in at the deepend and after the secuity breach at Vaserv, I can not take the easy option and install lxadmin any longer.

View 1 Replies View Related

SuPHP On A Dedicated Server

Oct 18, 2009

I'm running a dedicated server (ie my site only) which is primarily a vbulletin powered site.

I was wondering if it is beneficial in running PHP as suPHP along with suhosin?

A lot of articles I see seem to be aimed at shared setups where there are other users with various (possibly) untrusted scripts.

It is a WHM/cPanel managed server which by default is set to run PHP5 as DSO (Apache module).

suexec is installed however this only affect CGI scripts correct?

I recently had a (paid) security audit completed and I asked the question about suhosin. The reply I got was:

Quote:

You do not need suhosin as you do not run suPHP we enforce posix acl's which will prevent vulnerable scripts from being able to download to the system easily and prevent the automated attacks. You can try this by installing a phpshell and you will see it's not very effective, only php functions are really of any use (such as readfile() and so on) but it will prevent things like wget xxx.

Should I recompile Apache (via EasyApache) with suPHP and suhosin or just leave as is?

View 14 Replies View Related

Register_globals With Suphp And SuEXEC

Mar 29, 2009

my server is centos and cpanel,

i setup it with suphp and suEXEC,

and i set the register_globals as off on server,

now,i had a website need register_globals on,

i search many articles and try to edit php.ini and .htaccess,

but all still show

FATAL ERROR: register_globals is disabled in php.ini, please enable it!

or

500 internal error

could anyone teach me how to solve the issue?

View 14 Replies View Related

Broke Something When Playing Around With Suphp

May 17, 2009

suphp and spent the better part of the day configuring a new server and then upgrading it to suphp in preparation for a migration next week.

However, I broke the links to var/www/html in the process and I don't know at what point it broke to know how to fix it.

I have a couple of links that usually work to this directory:
lax.powermonster.net/test.bin
and
[url]

Both of which now come up to a 404 error from my main site: powermonster.net.

View 12 Replies View Related

Suphp Working With Vsftpd

Apr 23, 2009

I am setting up a shared Server with apache2 and php5 + suhosin +suPHP + vsftpd.

The Directory Structure is:

1. DocumentRoot

/var/www/virtual/website1
/var/www/virtual/website2
/var/www/virtual/website3
............etc

2. For each website I would create a system account and tie it to each virutal host(as required by suPHP)

chown -R John:group1 /var/www/virtual/website1
chown -R Mary:group1 /var/www/virtual/website2
chown -R Ben:group1 /var/www/virtual/website3
...........etc

<VirtualHost 192.168.100.44>
DocumentRoot /var/www/virtual/website1
ServerName www.website1.com
suPHP_UserGroup John group1
</VirtualHost>

<VirtualHost 192.168.100.45>
DocumentRoot /var/www/virtual/website2
ServerName www.website2.com
suPHP_UserGroup Mary group1
</VirtualHost>
........etc

3. I setup vsftpd with chroot to each virtual host.

This works very nice as long as each client has only one ftp account. But if a client(website1) wants to have multiple ftp accounts( ex. john, john100, john200), they would mess up the file ownership when they upload and change files. Since suPHP executes PHP scripts with the permissions of their owners (suPHP_UserGroup John group1, suPHP would complain their setid is mismatched because the John100 is not the suPHP_USERGROUP owner(John). I have tried Virtual Hosting with Vsftpd and Mysql, that didn't work because all the virutal users would be acting as one user (guest_username=virtualftp) when they upload and change files. I am wondering if there is ways to allow multiple ftp accounts for each Virutal host working together with suPHP. Or It is possible for ftp user to change ownership once they log in.

View 3 Replies View Related

SuPHP + CGI PHP And Zombie Processes

May 28, 2009

OS: CentOS 5
Software: Apache 2 / PHP CGI 5.8 / suPHP

Today I took the leap and switched to suPHP, rather than the Apache module. This is just what suited us best for hosting our own websites, keeping them more isolated from eachother bar a certain shared directory.

All is great, apart from I'm now noticing Zombie processes all of the time. These processes do seem to go away though, if I watch top the amount of Zombie processes will go up and down between 0 and 10.

Code:
17471 gnation 15 0 0 0 0 Z 1 0.0 0:00.03 php-cgi <defunct>
17463 gnation 16 0 0 0 0 Z 1 0.0 0:00.02 php-cgi <defunct>
17467 gnation 16 0 0 0 0 Z 1 0.0 0:00.02 php-cgi <defunct>

Are these processes a problem, considering they do leave after a while? I've read up about Zombie processes and it would seem that as long as they are closing at some point, instead of hanging around, then that's fine. Is this supposed to happen in my setup?

View 3 Replies View Related

Apache 2.2, PHP 5, SuPHP, Forcetype

May 8, 2008

Forcetype does not appear to run correctly with Apache 2.2 and SuPHP. Most information suggests changing

ForceType application/x-httpd-php

To:

ForceType x-httpd-php

This does not work for me and php code is being displayed as text instead of being parsed by apache.

View 12 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved