I have a small shared server where couple of websites are hosted, so I'm not sure if this kind of protection will be enough to prevent attackers from executing symlink attack.
I've added symlink
to disabled PHP functions and of course others like exec to prevent from executing ln
command.
Also apparmor
is there in order to prevent some kind of damage.
Even if I allow all PHP functions and those dangerous, apparmor will block ln
command:
apparmor="DENIED" operation="exec" profile="/usr/sbin/apache2" name="/bin/ln"
Is this sufficient protection against symlink attack?