What are the Benifits of CageFS (CloudLinux) ?

[Debasish]

Hello All,

I have gone through cagefs and after reading i found some advantages .

It creates a cage for each user hosted on shared server .
It will limit the resources for each user on the server .

After reading this i am willing to know your point of view.

If one account is hacked on the shared server , Can attacker bypass the cagefs security and symlink the files on the server like others wordpress wp-config files ?

 

[HostNurse]

The benefits of CageFS are:
• Only safe binaries are available to user
• User will not see any other users, and would have no way to detect presence of other users & their user names on the server
• User will not be able to see server configuration files, such as Apache config files.
• User's will have limited view of /proc file system, and will not be able to see other' users processes.

Source: http://docs.cloudlinux.com/index.html?cagefs.html

CageFS prevents hackers from scanning the server for vulnerable files, and ensures that users cannot see any other user.

 

[loedown]

This is pretty interesting, I've never heard of this company. From what i know, pretty much all shared servers are like this anyways. If a shared hosting account is compromised in a cPanel environment at least, it does not have access to other users files or system files outside of the normal ones. Now if the root user is compromised, of course all files are accessible but thats a whole other problem.