Skip to main content

privilege escalation in hook

Comments

4 comments

  • gnusys
    Sorry exact command to register hook was: [~]# /usr/local/cpanel/bin/manage_hooks add script /usr/local/cpanel/3rdparty/bin/reload_nginx.sh --manual --category Stats --event RunUser --stage post --exectype script --escalateprivs
    0
  • gnusys
    I think the example you people have given in Guide to Standardized Hooks - Privilege Escalation - Software Development Kit - cPanel Documentation is itself wrong Examples HTTP domain logs are parsed as the cPanel account that owns the domain. In this example, the /var/cpanel/myapp/do_extra.pl script will run as the root user immediately before the HTTP domain logs parse Because in Guide to Standardized Hooks - Stats Functions - Software Development Kit - cPanel Documentation The Escalate Privileges Attribute: is set with a red X mark . Means privilege escalation wont work for RunUser Which the example contradicts. Please confirm
    0
  • cPanelMichael
    Hello :) Could you open a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome. Thank you.
    0
  • cPanelKenneth
    Hello, I filed case DOC-6832 to get the documentation clarified. Thank you.
    0

Please sign in to leave a comment.