Does cPanel hardened kernel supports centOS 7 64bit

KV Karia

• August 22, 2017 08:22

Sir, Link: How to Harden Your cPanel System's Kernel - cPanel Knowledge Base - cPanel Documentation is cPanel harden kernel supports CentOS 7 64bit ? or support CentOS 6 only as per above link? Regards,

• 

  cPanelMichael

  • August 22, 2017 14:40

  Hello, The cPanel-hardened kernel is only available for CentOS 6 64-bit systems. I encourage you to vote for the following feature request if you'd like to see support for CentOS 7 kernels with protection against symlink race condition attacks: cPanel Hardened Kernel for Centos 7.x - to prevent symlink attacks Thank you.

  0
• 

  Skin

  • August 31, 2017 09:48

  So actually the only avasilable solution ( except for cloudlinux) is GRSec kernel patch ?

  0
• 

  cPanelMichael

  • August 31, 2017 17:38

  So actually the only avasilable solution ( except for cloudlinux) is GRSec kernel patch ?

  
  That's correct. The upstream CentOS 7 kernel does not include the symlink protection patch, and there are no patched kernels from cPanel available for CentOS 7 at this time. You can find a list of non-kernel symlink race condition protection options at: Symlink Race Condition Protection - EasyApache 4 - cPanel Documentation Thank you.

  0
• 

  Skin

  • August 31, 2017 19:01

  Thanks, I really hope for an official cPanel Hardened Kernel for Centos 7.x . Is there a good guide for patching ( and mantaining updated ) a kernel with GRSec kernel patch?

  0
• 

  cPanelMichael

  • August 31, 2017 19:14

  Is there a good guide for patching ( and mantaining updated ) a kernel with GRSec kernel patch?

  
  We do not offer a guide as the GrSec kernel is not officially supported for use with cPanel (though some customers report no issues when it's enabled). I recommend posting to the GrSecurity support forums for help setting it up at: grsecurity forums " View forum - grsecurity support Thank you.

  0

Please sign in to leave a comment.