Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x General Support Forum v1.0.x v Sentora - General Security Warning

Sentora - General Security Warning
Vedran B Offline
Sentora Member
*
OS: CentOS 6.7
Version: 1.0.3
Server: VPS
Posts: 24
Threads: 5
Joined: Jan 2016
Reputation: 0
Sex: Male
Thanks: 3
Given 2 thank(s) in 2 post(s)
#9
RE: Sentora - General Security Warning
 01-12-2016, 07:56 AM (This post was last modified: 01-14-2016, 11:46 PM by Vedran B.)
(12-22-2015, 02:34 AM)apinto Wrote:
(12-21-2015, 08:42 AM)iTpain Wrote: is zsudo removed now or is still in use
(08-29-2015, 09:26 AM)Me.B Wrote: And zsudo will be wiped out soon from sentora... that would close all those stories over that.

And we will plan to change the whole security model.

M B

Still in use.
Still safe to use thou

Until it is done a half mesure is to chown your sentora directories down to apache user and chmod them to 770 so sentora can still read and write all the config files but random system users cannot zsudo themselfs up to root or read the /etc/sentora config files and obtain plain text passwords.

Going to break some services
Find
Reply
Thanks given by:


Messages In This Thread
RE: Sentora - General Security Warning - by Ron-e - 08-29-2015, 03:09 AM
RE: Sentora - General Security Warning - by Me.B - 08-29-2015, 07:53 AM
RE: Sentora - General Security Warning - by Me.B - 08-29-2015, 09:26 AM
RE: Sentora - General Security Warning - by Vedran B - 01-12-2016, 07:56 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Is Sentora dead? rajeevrrs 2 3 ,971 12-17-2022, 09:20 AM
Last Post: TGates
Sentora debug and error files johnnyp 0 1 ,590 10-27-2022, 06:16 PM
Last Post: johnnyp
Transfer Account to another Sentora BenI 1 3 ,333 07-21-2022, 07:19 PM
Last Post: Nigel

Forum Jump:


Users browsing this thread: 3 Guest(s)