Kernel does not support the prevention of symlink ownership attacks
The following message can be seen in Sec. Ad.:
Kernel does not support the prevention of symlink ownership attacks.
I try to retrieve the repository from cPanel:
root@ip-192-xxxx [~]# cd /etc/yum/repos.d/
-bash: cd: /etc/yum/repos.d/: No such file or directory
root@ip-192-xxxx [~]# wget
Resolving securedownloads.cpanel.net... 208.74.123.12, 208.74.121.38
Connecting to securedownloads.cpanel.net|208.74.123.12|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2018-06-20 07:02:20 ERROR 404: Not Found.
How can i solve this problem.
Please, advice.
-
Hi @Lillike The directory you're referencing doesn't exist: root@ip-192-xxxx [~]# cd /etc/yum/repos.d/ -bash: cd: /etc/yum/repos.d/: No such file or directory
I think you mean to cd to:/etc/yum.repos.d/
Also, the cPKernel was deprecated in v68 of cPanel and is not available in v70. [QUOTE]- We deprecated the cPanel-provided hardened kernel update in cPanel & WHM version 68. We strongly recommend that you KernelCare documentation.
From: How to Harden Your cPanel System's Kernel - cPanel Knowledge Base - cPanel Documentation0 -
If I install v70 of cPanel on the server, there are changes that would result in many server services and websites being reinstalled (is it true?).
can you clarify what you mean by this? I don't understand, the sites and services wouldn't be removed on any server updating.0 -
Hi, Lauren, can you clarify what you mean by this? I don't understand, the sites and services wouldn't be removed on any server updating.
I tried to find the above content, but unfortunately I did not succeed. Once again: v70 of cPanel is secure and therefore there will be no problems (I understand that i may have other problems). After updating, what steps I need to take against the symlink attack. Please, advice.0 -
Hi @Lillike If you want symlink protection we do recommend kernelcare's free symlink race condition protection patchset Symlink Race Condition Protection - EasyApache 4 - cPanel Documentation Thanks! 0 -
I am getting the same warning in security advisor, and I am running the paid version of kernelcare. I am on cPanel v72. Why is that? 0 -
Hi @ronaldst It may be that you don't have the patcheset installed though you do have kernelcare. You can find out by running the following: kcarectl --patch-info
It's also possible that while kernelcare supports your kernel the free patchset does not. Can you show me what kernel you're running:uname -r0 -
--patch-info OS: centos7 kernel: kernel-3.10.0-862.9.1.el7 time: 2018-07-18 11:21:55 kpatch-name: 3.10.0/proc-restrict-pagemap-access.patch kpatch-description: Restrict access to pagemap/kpageflags/kpagecount kpatch-kernel: kpatch-cve: kpatch-cvss: kpatch-cve-url: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html kpatch-patch-url: uname: 3.10.0-862.9.1.el7
Kernel3.10.0-862.9.1.el7.x86_640 -
HI @ronaldst This looks like though you have kernelcare and you have a patch installed it's not the symlink protection patch. From their documentation and comments here: The Symlink Protection patchset is available for free for CentOS 6 & 7, even if you are not running KernelCare You might try: kcarectl --set-patch-type extra
Or click the notification in the security advisor Thanks!0 -
That sure solved my issue. Thank you. 0 -
HI @ronaldst I'm really happy to hear that! Thank you for updating the thread to let us know as well. 0
Please sign in to leave a comment.
Comments
11 comments