I’m having an issue with a cPanel shared server running CentOS 5 where a few directories under the public_html folder keep getting changed to 777 from 755. The customer says they are not changing it and i’m wondering if there is a way to monitor these specific directories to find out who/what is changing the permissions.
I have looked into using auditctl and after testing it and changing the permissions myself I don’t see anything in the logs so i’m not sure if i’m doing it right or if it’s even possible.
Does anybody have any suggestions or ideas on how I could figure out what is changing the permissions?
If the customer isn’t changing it, then the web app itself probably is.
chmod 777 opens up all sorts of security headaches, especially in a shared web hosting environment.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.