Symlink Race Condition Protection

LordLiverpool

• May 09, 2017 11:10

Hello cPanel I got an email to say my server had a high risk Symlink vulnerability: I followed the link and hardened my server. The very next day I got another email to say I had a medium risk Symlink vulnerability: Is there any way I can remain on CentOS (not CloudLinux) and fully resolve this issue? Thanks.

• 

  cPanelMichael

  • May 09, 2017 18:32

  Hello, It's advised to disable the Bluehost symlink patch if you already have protection against symlink attacks enabled at the kernel-level. To disable the Bluehost symlink protection patch, select Off for the Symlink Protection option in the Global Configuration section of WHM's Apache Configuration interface (Home >> Service Configuration >> Apache Configuration). This is documented at: Symlink Race Condition Protection - EasyApache 4 - cPanel Documentation Thank you.

  0
• 

  Jaison V John

  • May 25, 2017 03:08

  Hi @cPanelMiachel, Will the Symlink Race Condition Protection work on an OpenVZ container?

  0
• 

  Jaison V John

  • May 25, 2017 03:11

  Update, I've verified that the Symlink Race Condition Protection will not work on an OpenVZ container. Thanks!

  0

Please sign in to leave a comment.