Hi is normal that some user in the sistem can list files in /etc and /etc/password?
Can you confirm if this is true:
is normal that the server allow a user to list all users with php? This is part of a cPanel server, this is done by getting a list of the directories in /home/
Is normal that a user with php can see all contenct of /etc?
The contents of the /etc shouldn't be 100% viewable but yes some files will be viewable
is normal that a user can check the /etc/passwd?
All users must be able to access this file in order for the operating system to spawn shells
I want to know if is safely that one user with php can read /etc/passwd an see al information that this file have