• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Possible bug in php-xslt rpm package

gijsbert

Basic Pleskian
If you are planning to use the SiteBuilder application for creating web sites, additional packages needs to be installed. One of these packages is:

php-xslt-1.0-0.i386.rpm

Please note that after installing the php-xslt rpm, the uid/gid of the /etc and /usr directory becomes apache:apache. I can reproduce this by simply installing the php-xslt rpm provided by plesk.

If someone is able to abuse a script on your server (i.e. phpBB), they (apache) have access /etc/ and /usr directory. Not good!!!

Gijsbert Rochat
[email protected]

Sitebytes BV
www.sitebytes.nl
 
Back
Top