Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Webmin Security Questions

From: Muhammad Faisal Rauf Danka <mfrd () attitudex com>
Date: Thu, 24 Oct 2002 13:39:38 -0700 (PDT)
Refer to this post:
http://www.der-keiler.de/Mailing-Lists/securityfocus/bugtraq/2002-08/0403.html

And make sure your rpc value is "0" or if it's "2" then user admin and root will be able to do whatever they want, 
regardless of the permissions assigned (according to the post mentioned above).

grep "rpc" /home/admin/webmin-0.980/defaultacl 

Regards
--------
Muhammad Faisal Rauf Danka

Head of GemSEC / Chief Technology Officer
Gem Internet Services (Pvt) Ltd.
web: www.gem.net.pk
Key Id: 0x784B0202
Key Fingerprint: 6F8C EDCF 6C6E 06A5 48D7 6A20 C592 484B 
784B 0202

_____________________________________________________________
---------------------------
[ATTITUDEX.COM]
http://www.attitudex.com/
---------------------------

_____________________________________________________________
Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! 
http://www.everyone.net/selectmail?campaign=tag
Previous By Date Next
Previous By Thread Next

Current thread: