I have a problem related to permissions
Hello,
I found a new hobby running an SSH honeypot and watching what the "naughty peole" are trying todo but i have a problem the addon that analyzes the collected data and displays those fancy graphs has a feature called "replay session log" it means i can watch what the attackers are trying todo but it is using an acl and group "www-data" needs read access to the correct directory.
Since i am not running ubuntu or Debian (or any of it's equivelants) but centos the group "www-data" doesn't exist on centos www-data is nobody on centos but that causes another problem.The honeypot addon is written in PHP and it uses the is_readable() function
-
Hey there! You're correct that Apache and PHP run as the nobody user on CentOS with cPanel. In general, cPanel tools restrict the Apache processes to user accounts, so all PHP scripts run as the account user. If you don't have that protection in place, tools like WordPress and other CMS software that let you upload files get owned by nobody, so the users aren't able to access their own content. Is this tool running under a cPanel account or is it installed outside of a cPanel user? If it's outside a user, I'm not personally sure of a great way to get that working securely while still giving it access to tools it needs to function. 0 -
Hello, The addon is running under a cPanel account yes but the files it needs to access to be able to function as it should are outside in another directory not related to cPanel.The instructions mention you need to run setfacl -Rm g:correct_group_here:rx /path/to/the/files but even when i do that it's not working acl's should be supported out of the box since it is a xfs system. I'm suspecting imunify360 hardened PHP has something todo withn it just a feeling though can't proof that. 0 -
There isn't going to be a way for it to access functions outside of the user directory. If that was possible, any PHP script on the server could cause major security issues. 0 -
well so be it i still maually can view those files 0
Please sign in to leave a comment.
Comments
4 comments