From c434aaeb54ce230830f8476a526a93686f37dc82 Mon Sep 17 00:00:00 2001 From: master3395 Date: Tue, 14 Apr 2026 21:57:04 +0200 Subject: [PATCH] harden installer adminPass wrapper behavior Persist quoted admin password to /etc/cyberpanel/adminPass and tighten wrapper permissions to 700 in installer-generated /usr/bin/adminPass. --- install/venvsetup_modules/04_after_install.sh | 3 ++- install/venvsetup_monolithic.sh | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/install/venvsetup_modules/04_after_install.sh b/install/venvsetup_modules/04_after_install.sh index 1453cbe61..48569186f 100644 --- a/install/venvsetup_modules/04_after_install.sh +++ b/install/venvsetup_modules/04_after_install.sh @@ -128,7 +128,8 @@ _restart_lscpd_safe systemctl restart lsws echo "/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password \"\$@\"" > /usr/bin/adminPass echo "systemctl restart lscpd" >> /usr/bin/adminPass -chmod +x /usr/bin/adminPass +echo "echo \"\$@\" > /etc/cyberpanel/adminPass" >> /usr/bin/adminPass +chmod 700 /usr/bin/adminPass if [[ $VERSION = "OLS" ]] ; then WORD="OpenLiteSpeed" # sed -i 's|maxConnections 10000|maxConnections 100000|g' /usr/local/lsws/conf/httpd_config.conf diff --git a/install/venvsetup_monolithic.sh b/install/venvsetup_monolithic.sh index 088f84b8e..0af4b2f54 100644 --- a/install/venvsetup_monolithic.sh +++ b/install/venvsetup_monolithic.sh @@ -1158,7 +1158,8 @@ systemctl restart lscpd systemctl restart lsws echo "/usr/local/CyberPanel/bin/python2 /usr/local/CyberCP/plogical/adminPass.py --password \"\$@\"" > /usr/bin/adminPass echo "systemctl restart lscpd" >> /usr/bin/adminPass -chmod +x /usr/bin/adminPass +echo "echo \"\$@\" > /etc/cyberpanel/adminPass" >> /usr/bin/adminPass +chmod 700 /usr/bin/adminPass if [[ $VERSION = "OLS" ]] ; then WORD="OpenLiteSpeed" # sed -i 's|maxConnections 10000|maxConnections 100000|g' /usr/local/lsws/conf/httpd_config.conf