suexec with kernelcare patch

CanSpace

• October 18, 2022 23:59

We have a client who executes .py files in their main public_html directory which works fine. The issue is that when we install and configure the kernelcare symlink patch, suexec no longer works since /usr/sbin/suexec is a symlink. The only way to allow the client to still execute .py files is to disable suexec, which itself seems like a security risk, since the file is now running as the apache user and not the local user. Is there any way around this? Can we somehow manually set the kernelcare symlink patch to allow access to the /usr/sbin/suexec symlink via the /etc/sysconfig/kcare/sysctl.conf file?

• 

  cPRex Jurassic Moderator

  • October 19, 2022 19:06

  Hey there! I've reached out to the CloudLinux team about this issue, so I'll let you know as soon as I hear back.

  0
• 

  cPRex Jurassic Moderator

  • October 19, 2022 20:09

  Can you let me know what operating system you're using?

  0
• 

  CanSpace

  • October 20, 2022 06:08

  Almalinux 8. Apparently this is a known issue:

  0
• 

  cPRex Jurassic Moderator

  • October 20, 2022 15:41

  Yes, that's why I asked about the operating system - I'm glad you found that article!

  0

Please sign in to leave a comment.