Home page logo

basics logo Security Basics mailing list archives

Re: Webmin Security Questions
From: Chuck Spafford <chuck.spafford () solipsys com>
Date: 15 Nov 2002 06:58:57 -0000

In-Reply-To: <200210211548.AA22478930 () hardestworkingmanonline com>

Have any of you used Webmin 


I'm looking into webmin software - thought it'd be cool to play with,
but I'm curious about security issues with it.

I've been using Webmin to control Solaris and FreeBSD servers for about 8 
months now.  I had asked the author of Webmin about security, and he said 
there were no major security issues in the newer versions, and no 
successful hack attempts for quite a while that he knew of.

I only use them for internal management - not available outside the LAN, 
so I can't speak of any problems in that area.  I've sicked some of our 
UNIX software developers on it, and some of our more "suspicious" 
employees (just kidding) on the servers and they weren't able to crack 
it.  Without root on the server, they weren't able to get to anything.  
Just make sure you have file permissions correct (especially on the 
password reset script!!).

As far as I'm concerned, it's the best UNIX managment tool around!!!


Chuck Spafford
Asst. Systems Administrator

Solipsys Corporation

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]