• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

Possible bug in php-xslt rpm package

G

gijsbert

Basic Pleskian
If you are planning to use the SiteBuilder application for creating web sites, additional packages needs to be installed. One of these packages is:

php-xslt-1.0-0.i386.rpm

Please note that after installing the php-xslt rpm, the uid/gid of the /etc and /usr directory becomes apache:apache. I can reproduce this by simply installing the php-xslt rpm provided by plesk.

If someone is able to abuse a script on your server (i.e. phpBB), they (apache) have access /etc/ and /usr directory. Not good!!!

Gijsbert Rochat
[email protected]

Sitebytes BV
www.sitebytes.nl
 
You must log in or register to reply here.

Similar threads

learning_curve
Resolved Permissions on some of the files packaged by Plesk are incorrect[ERROR] - Post 18.0.69 Upgrade
Replies
19
Views
3K
learning_curve
learning_curve
TimReeves
Forwarded to devs Nginx-only php location does not work for WordPress permalinks
Replies
11
Views
7K
Hockeychap
H
learning_curve
Resolved Upgrade Postfix but use as normal afterwards within Plesk
2
Replies
23
Views
10K
IgorG
IgorG
Sergio Manzi
Forwarded to devs Update hung with PHP 5.4.16 by OS vendor FPM application disabled
Replies
6
Views
2K
Sergio Manzi
Sergio Manzi
criess
  • Poll
Resolved Suexec - Use Custom CGI binary
Replies
3
Views
4K
sergiomb
sergiomb
Back
Top