The Compiler Access interface allows the user to disable access to the C and C++ compilers on the server. This can help the user to protect his server from vulnerable attacks on those compilers.
CPANEL has a prescribed procedure to manage compiler access. If the user wishes to enable compiler access he has to click on Enable Compiler Access. Likewise if the user wishes to disable compiler access he has to click on Disable Computer Access.
If the user wishes to grant compiler access to specific users, the following steps need to be performed.
To remove compiler access from a user, the following steps need to be performed:
When the user enables compiler access (default), the /USR/BIN/GCC file has the following permissions:
permissions | user | group |
-RWXR-XR-X | root | root |
When the user disables compiler access, CPANEL changes the permissions of the /USR/BIN/GCC file to:
permissions | user | group |
-RWXR-X— | root | compiler |
The compiler group contains the CPANEL user and any users that you add to the Allow specific users to use the compilers menu.
If the compiler access is restricted again, the compiler group’s membership should be examined. If no one has edited the compiler group, it will still contain people who had access to the compilers the last time that the user restricted access.
The Internet Protocol Address can be accessed as well as access to it can be denied as a result of Host Access Control. The services to which this access can be denied are CPANEL, WHM, WEBMAIL AND WEBDESK. So compiler access seems to be a very important concept in the arena of CPANEL which should be known by all the users in detail.