Re: tlug: WebMin

[Rafael Coninck Teigao <rafael@example.com>]

Darren Cook wrote:

> >> "Webmin is a web-based interface for system administration for Unix. Using
> >> any browser that supports tables and forms, you can setup user accounts,
> >> Apache, DNS, file sharing and so on. (www.webmin.com) ..."
> >
> >This sounds really hazardous; if the server/script is cracked by an
> >outsider, you've had it.
>
> Is it really any worse than allowing telnet on your machine? With telnet if
> I can find one users password and the superusers password I can do lots of
> damage. Well with a web-based interface I still need to discover these
> don't I?
>

Well, in fact you don't really need to discover this things. Scripts are very,
very, very vulnerable, and so are these pouporri of programs and codes running
on the same time for the same interface, at the same authentication, writing on
so many files........the list goes on; see, it's too many things to go wrong and
exploited!

Hope it helped!

[]'s
    Rafael

-------------------------------------------------------------------
Next Technical Meeting: February 13 (Sat), 12:30 place: Temple Univ.
** presentation: XEmacs, by Steven Baur and Martin Buchholz
Next Nomikai: March 19 (Fri), 19:30   Tengu TokyoEkiMae 03-3275-3691
-------------------------------------------------------------------
more info: http://tlug.linux.or.jp                     Sponsor: PHT