Security Basics mailing list archives
Re: Webmin Security Questions
From: Muhammad Faisal Rauf Danka <mfrd () attitudex com>
Date: Thu, 24 Oct 2002 13:39:38 -0700 (PDT)
Refer to this post: http://www.der-keiler.de/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html And make sure your rpc value is "0" or if it's "2" then user admin and root will be able to do whatever they want, regardless of the permissions assigned (according to the post mentioned above). grep "rpc" /home/admin/webmin-0.980/defaultacl Regards -------- Muhammad Faisal Rauf Danka Head of GemSEC / Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Key Id: 0x784B0202 Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20 C592 484B 784B 0202 _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! http://www.everyone.net/selectmail?campaign=tag
Current thread:
- Webmin Security Questions Joe McCray (Oct 22)
- Re: Webmin Security Questions Devdas Bhagat (Oct 23)
- Re: Webmin Security Questions ATD (Oct 23)
- <Possible follow-ups>
- RE: Webmin Security Questions Allan Jensen (Oct 24)
- RE: Webmin Security Questions ATD (Oct 25)
- RE: Webmin Security Questions Allan Jensen (Oct 25)
- Re: Webmin Security Questions Muhammad Faisal Rauf Danka (Oct 25)
- RE: Webmin Security Questions Paris E. Stone (Oct 28)