[CentOS] Changing system users pass via webmin

Craig White craigwhite at azapple.com
Fri Sep 29 14:59:16 UTC 2006

On Fri, 2006-09-29 at 07:52 -0500, Ivan Arteaga wrote:
> OK, I really appreciate the time and help of all you guys... got good tips!
> Anyway let me tell you that webmin allow to define webmin groups/users in
> order to give them granular access to specific modules, in this case only
> the "system - change password" option. So there is no way the user change
> what he must not (or what you allow them to do)
> I came here because I posted the question in samba and even webmin lists
> with no success, and anywhere you can find someone that can helps in linux
> world^^
> Sorry if maybe I asked the wrong question in the wrong list or somebody
> wasted time reading or researching about this post.
I really wouldn't recommend the methodology of what you are doing for a
number of reasons:

- It's possible that an upgrade to webmin could cause a change in
permissions that you haven't anticipated it...it's happened in the past
I believe.

- Given that the premise is that webmin has super user powers to
accomplish everything, putting users on it however restricted you think
it might be is just a single error away from breaking.

- Given webmin's history of security issues, it's best to consider
limiting access to webmin to only a few systems.

Usermin however operates as the user and even if broken, doesn't
represent nearly the same threat. I believe if you pursue this further
on the webmin list, you will find that Jamie would concur that Usermin
is the better methodology for this purpose.


More information about the CentOS mailing list