File: /usr/local/cpanel/bin/jail_safe_passwd

s2s

• November 21, 2013 04:06

Hi, could someone please verify that this file is safe? Warning: The file properties have changed: File: /usr/local/cpanel/bin/jail_safe_passwd Current hash: fe51a88927eec1639019baa49bd4389cf833202f Stored hash : 83607040e4db499abe3564eaa28f3b2a258bb145 Current file modification time: 1384907954 (20-Nov-2013 00:39:14) Stored file modification time : 1383871010 (08-Nov-2013 00:36:50) ...or even better, would it be possible to have a section somewhere that records all current MD5 hashes of binaries so we can freely compare at will (it might help reduce the number of threads like this) ?

• 

  cPanelMichael

  • November 21, 2013 12:50

  Hello :) Yes, that is a legitimate file used by cPanel. Could you let us know the version of cPanel you have installed so we can provide a comparative md5sum? Here is the output from a test system running cPanel 11.40.0.24: [~]# stat /usr/local/cpanel/bin/jail_safe_passwd File: `/usr/local/cpanel/bin/jail_safe_passwd' Size: 6445632 Blocks: 12616 IO Block: 4096 regular file Device: fd00h/64768d Inode: 27001062 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2013-11-20 14:54:32.000000000 -0600 Modify: 2013-11-20 00:39:34.000000000 -0600 Change: 2013-11-20 00:41:00.000000000 -0600 [~]# md5sum /usr/local/cpanel/bin/jail_safe_passwd 30cc014c2ac073f02851b767edbe5038 /usr/local/cpanel/bin/jail_safe_passwd
  Thank you.

  0
• 

  s2s

  • November 22, 2013 08:24

  Hi Michael, Our cPanel version is 11.40.0 (build 24) root@442248 [~]# /usr/local/cpanel/cpanel -V 11.40.0 (build 24) root@442248 [~]# stat /usr/local/cpanel/bin/jail_safe_passwd File: `/usr/local/cpanel/bin/jail_safe_passwd' Size: 6445632 Blocks: 12592 IO Block: 4096 regular file Device: fc03h/64515d Inode: 667622 Links: 1 Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2013-11-22 02:00:17.497291953 +0000 Modify: 2013-11-20 00:39:14.080203017 +0000 Change: 2013-11-20 00:40:08.004452339 +0000 root@442248 [~]# md5sum /usr/local/cpanel/bin/jail_safe_passwd 30cc014c2ac073f02851b767edbe5038 /usr/local/cpanel/bin/jail_safe_passwd
  Would it be possible to have a publicly available list of md5 hashes for 'critical' binaries? (su, passwd, gpasswd, etc...)

  0
• 

  cPanelKenneth

  • November 22, 2013 13:45

  Our updater validates all MD5 sums of files it installs, prior to installing them. On your local server you can find a list of MD5 sums in the .cpanelsync.md5s files throughout /usr/local/cpanel. find /usr/local/cpanel -name '.cpanelsync.md5s' should find all of them for you. You can compare the MD5s on your local server with the MD5s on the mirror. On the mirrors the MD5s are stored in http://httpupdate.cpanel.net/cpanelsync//.version-md5-cache. The MD5 sum is the last entry on each line. For example the MD5s for 11.40.0.24 are at . You can find our GPG key, for verification, at [url=http://go.cpanel.net/gnupgkeys]cPanel Security Team GNU Privacy Guard (GnuPG) | cPanel, Inc. Note: we began signing the cpanelsync files (which are the master files for validating a build/installation) with 11.40. Prior versions are not signed.

  0
• 

  martin MHC

  • January 08, 2021 14:57

  It is worth noting that this reference information to remote checking of MD5sum values of CPanel releases no longer appears valid; these URLs are no longer valid links.

  0

Please sign in to leave a comment.