Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: Security, root and CGI?

by Krambambuli (Deacon)
on Jan 29, 2009 at 07:42 UTC ( #739808=note: print w/ replies, xml ) Need Help??


in reply to Security, root and CGI?

Out of curiosity: have you maybe had a look on Webmin, to check if it would make sense to customize or add a plug-in that would do what you need ?

Thanks,


Krambambuli
---


Comment on Re: Security, root and CGI?
Re^2: Security, root and CGI?
by Anonymous Monk on Jan 29, 2009 at 19:02 UTC

    My advice: If you want security then stay away from Webmin.

    Or atleast, that's my advice from looking at it a couple of years ago... it's implementation that is... I gave up trying to explain the security risk to the author... exploits that could be easily verfied (and fixed) were only met with a response: 'fixed in xyz' (testing xyz revealed it was not fix - so much for testing)

    Also: webmin runs everything as root. Only thing it takes is one little exploit in one of the module and you have root access. (And unless the code really changed in the past years then I'm sure there are many exploits in it)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://739808]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (5)
As of 2014-09-16 08:54 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite cookbook is:










    Results (158 votes), past polls