nobaloney
NoBaloney Internet Svcs - In Memoriam †
What have you seen that makes you think it could be insecure to use it with a default CentOS kernel? What have you read?
Jeff
[HOWTO] mod_ruid2
- Thread starter daveyw
- Start date
Jeff
cyberneticos
Verified User
Got it from the readme once you download the mod:
-there are some security issues, for instance if attacker successfully exploits the httpd process, he can set effective capabilities and setuid to root. i recommend to use some security patch in kernel (grsec),
or something..
That's kinda scary, but it might be becuase I?m no expert and maybe this is normal or expected.
-there are some security issues, for instance if attacker successfully exploits the httpd process, he can set effective capabilities and setuid to root. i recommend to use some security patch in kernel (grsec),
or something..
That's kinda scary, but it might be becuase I?m no expert and maybe this is normal or expected.
Compatible with mod_php and mod_vhost_alias
Hi guys,
I just heard of mod_ruid2 and I find it very interesting but there isn't much information about it out there.
So do you know if mod_ruid2 is compatible with mod_php and with mod_vhost_alias?
Also hav you ever played with RDocumentChrRoot?
Thanx!
Hi guys,
I just heard of mod_ruid2 and I find it very interesting but there isn't much information about it out there.
So do you know if mod_ruid2 is compatible with mod_php and with mod_vhost_alias?
Also hav you ever played with RDocumentChrRoot?
Thanx!
SeLLeRoNe
Super Moderator
EDIT: my problem is not related to ruid but to mod_security, bad posting.
Regards
Regards
Last edited:
pppplus
Verified User
- Joined
- Dec 19, 2008
- Messages
- 521
Hi,
I try to install mod_ruid2, but stop. Sites are unavailables, I've message : Forbidden when I want to access to them.
I stop just after :
So I do not modify permissions on files.
I prefer to stop, because after changing permissions, it's difficult to come back with previous permissions.
I've an error when I run /usr/local/directadmin/dataskq d800 :
for each domains
I think about another problem :
I have some files in cgi folder with permissions 755, but these files are not .cgi or .pl. (they have no extension).
So how to modify script, to not touch files with 755 permissions ?
This script :
Thanks for your help
I try to install mod_ruid2, but stop. Sites are unavailables, I've message : Forbidden when I want to access to them.
I stop just after :
Code:
/etc/init.d/httpd restartI prefer to stop, because after changing permissions, it's difficult to come back with previous permissions.
I've an error when I run /usr/local/directadmin/dataskq d800 :
Code:
MimeTypes::readFile(): Unable to open /usr/local/directadmin/data/users/admin/domains/5go.fr.handlers for readingI think about another problem :
I have some files in cgi folder with permissions 755, but these files are not .cgi or .pl. (they have no extension).
So how to modify script, to not touch files with 755 permissions ?
This script :
Code:
cd /usr/local/directadmin/scripts && ./set_permissions.sh user_homes
find /home/*/domains/*/public_html -type d -print0 | xargs -0 chmod 711
find /home/*/domains/*/public_html -type f -print0 | xargs -0 chmod 644
find /home/*/domains/*/public_html -type f -name '*.cgi*' -exec chmod 755 {} \;
find /home/*/domains/*/public_html -type f -name '*.pl*' -exec chmod 755 {} \;
find /home/*/domains/*/public_html -type f -name '*.pm*' -exec chmod 755 {} \;
cd /usr/local/directadmin/data/users && for i in `ls`; do { chown -R $i:$i /home/$i/domains/*/public_html;}; done;
SeLLeRoNe
Super Moderator
massive contact me on msn i can check it for you.
regards
regards
just report
i've used mod_ruid + eaccelerrator then get trouble about user quota
user usage status on directadmin/repquota 4x bigger and not same with current user usage on his own directory /home/user/
after investigate, finnaly i found that eaccelerator cache file is also owned by user not root
so when Directadmin counting quota, eaccelerator cache also counted.
i still search solution, how to force eacellerator cache as root
thanks
i've used mod_ruid + eaccelerrator then get trouble about user quota
user usage status on directadmin/repquota 4x bigger and not same with current user usage on his own directory /home/user/
after investigate, finnaly i found that eaccelerator cache file is also owned by user not root
so when Directadmin counting quota, eaccelerator cache also counted.
i still search solution, how to force eacellerator cache as root
thanks
Last edited:
SeLLeRoNe
Super Moderator
how can i determinate which version is installed on my server?
Version information is written to your httpd error log on startup.
SeLLeRoNe
Super Moderator
thanks a lot 
Hallow, have you know or use cloudlinux(www.cloudlinux.com )?
now cloudlinux support mod_ruid2, it's seem i'm the first who use cloudlinux with mod_ruid2
after submit ticket request not more than 1 week mod_ruid2 added in cloudlinux modhostinglimit
now cloudlinux support mod_ruid2, it's seem i'm the first who use cloudlinux with mod_ruid2
after submit ticket request not more than 1 week mod_ruid2 added in cloudlinux modhostinglimit
Last edited:
I have activated mod_ruid2 on one server and a user is having problems with his cgi scripts. This is in the domain error log:
(13)Permission denied: exec of '/home/user/domains/domain.com/public_html/cgi-bin/count/tc.cgi' failed, referer: http://www.domain.com/
Premature end of script headers: tc.cgi, referer: http://www.domain.com/
The cgi-bin folder has 711 permissions and the cgi script 755 permissions.
Any thoughts?
(13)Permission denied: exec of '/home/user/domains/domain.com/public_html/cgi-bin/count/tc.cgi' failed, referer: http://www.domain.com/
Premature end of script headers: tc.cgi, referer: http://www.domain.com/
The cgi-bin folder has 711 permissions and the cgi script 755 permissions.
Any thoughts?
Before we can say whats the problem we would like to see what the first 5 lines are.
Having you this problem since you are using mod_ruid2 or not?
I can also remember something about
and then restart HTTPd.