Scripted hook action code that runs as the cPanel user can escalate that user's privileges.
Hookable events that occur in code that runs as the cPanel user can escalate privileges.
A script must contain the hook action code in order to escalate privileges. Hook action code in Perl modules always executes as the default user for that event.
Do not use this feature unless it is necessary. If the hook action code can run as the event's default user, it should do so. Unnecessary privilege escalation can introduce unnecessary risk to the system.
If a given Standardized Hook defines the escalateprivsdescriptor as true, the system will execute the hook action code as the rootuser.
Many hookable events already run as the root user and do not require the escalateprivsdescriptor.
cPanel, WebHost Manager, and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers. ®2020 All rights reserved.