Forum
  1. Forums
  2. General
  3. General Discussion
  1. Anonymous User
  2. Wednesday, August 16, 2017
  3.  Subscribe via email
In the linksafe update announcement, it states the following:
CAG-714: cloudlinux-linksafe package should turn off symlink traversal protection by default.


What does this mean exactly?

Does this simply involve the two settings in /etc/sysctl.conf
fs.protected_symlinks_create = 1
fs.protected_hardlinks_create = 1

Is there any impact for servers which get the update that would prefer to keep the cloudlinux linksafe protection on (i.e. will it stay on by default with servers that are updated?)

Thanks.
Rate this post:
  1. 28.08.2017 15:08:10
  2. # 1
Igor Ghertesco Accepted Answer
Posts: 119
Joined: 07.08.2015
0
Votes
Undo
Hello,

If the setting wasn't defined previously, the protection will be turned off to avoid the issues with users transferring to a new server, for example.

And if the protection was enabled before the update or installing CageFS, the settings won't be touched.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Remove Upload Files (Maximum File Size: 2 MB)
You may insert polls into your post. The poll would then appear in the post.
Vote Options
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.