*********** REPLY SEPARATOR ***********
On 7/06/00 at 10:03 Alvin Starr wrote:
>On Wed, 7 Jun 2000, Adrian Likins wrote:
>
>> On Tue, Jun 06, 2000 at 10:10:06PM -0400, Trond Eivind Glomsrød wrote:
>> > [EMAIL PROTECTED] (Prasanth A. Kumar) writes:
>> >
>> > > I don't know if anyone has ever tried Webmin but I can say it is
much
>> > > more user friendly and less intrusive than Linuxconf. I think Redhat
>> > > should seriously look at replacing Linuxconf with Webmin.
>> >
>> > We have.
>> >
>> > > I guess the most serious limitation to Webmin is that it runs over a
>> > > browser, which can be a problem in text mode.
>> >
>> > One of them.
>>
>> Somewhat concerned about the security implications as well. While
>> working in support, I've seen several hosts exploited via webmin. In
that
>> regard, its second only to old bind/admrocks exploits.
>>
>> Now, I should mention that for almost all cases, these were machines
>> that were essentially "admin-free", and I suspect the installations of
webmin
>> were suboptimal. Havent been able to find any known exploits in webmin
>> either, but the sheer volume of exploited machines scares me a bit.
>
>Webmin could use some cleanup in terms of what the default installaiton is
>and possibly a scheme like the one used in satan in that the program did
>not run on a specific port but would run up a random port and pass the
>information to the web browser invoked at the same time.
Maybe you can tell me how a remote browser would do this ? I guess
redirection may be possible with a PHP script or something, how were you
thinking of implimenting this ?
We should also possibly take this to the webmin list , it could do with
more of this sort of discussion instead of how do I get "X" to work which
in rarely anything to do with webmin itself, especially seeing its not even
supplied on a RH CD (AFAIK)
BTW , dont forget Jamie supplies SRPMS now
Regards
Greg Wright
--
IT Consultant Sydney Australia PH 0418 292020
Available for Global Contracts Int. +61 418 292020
web http://www.ausit.com e-mail [EMAIL PROTECTED]
Trading As - AAA Computers, ITpro, Ozzie Soft, providers of IT services.
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
