can a security hole in subdomain casue the main domain to be hacked ?

if i have a script on a sub domain that have a security hole can this cause any danger on th parent domain in linux ?

 

Hello,

That depends on how things are configured on your server, the best thing to do is to fix it asap.

 

Absolutely, if script or sub directory for that sub domain isn't password protected than yes.

 

yes that is correct

 

i would say it depends if the subdomain and main domain files are hosted on the same server or directory.

 

Depending on your hosting platform, PHP and security settings, a sub-domain exploit may be contained only within that sub-domain or could spill into the entire system. With many hosting platforms (cPanel/WHM, Plesk, Ensim), the subdomain often inherits ownership and permission data from the primary account. In this case, unless other restrictions are in place (e.g. open basedir/safe mode), the sub domain script likely has the same read/write/execute writes as the primary domain.

 

This is possible if subdomain and domain are on same server. I'm can say that most commonly this is very simple.
This is also possible if your subdomain configuration scripts contains same passwords that your are using for admin, phpmyadmin, cpanel, ftp etc. of your primary domain.