New security advisor for symlink ownership attacks
I'm getting a new oddly worded security advisor which references documentation but doesn't actually link to any docs. I have no idea what it's referring to so can someone point me to the docs please? The security advisor:
Kernel does not support the prevention of symlink ownership attacks.
You do not appear to have any symlink protection enabled through a properly patched kernel on this server, which provides additional protect beyond those solutions employed in userland. Please review the following documentation to learn how to apply this protection.
Thanks
-
Hello,
Internal case CPANEL-9233 is open to improve the warning message when Security Advisor detects a lack of kernel support for symlink protection. The document you can reference for the symlink race condition itself is found at:
I'll update this thread again once a resolution for CPANEL-9233 is published. Technical information about how this assessor looks for kernel-level symlink protection is available at:
Thank you.
Update: The resolution to this issue was published to cPanel version 60, and the message is updated to look like this:
You do not appear to have any symlink protection enabled on this server. You can protect against this in multiple ways. Please review the following