On 5/2/2012 4:17 PM, Karanbir Singh wrote: > Hi, > > On 05/02/2012 05:58 PM, James B. Byrne wrote: >>> and then you have 2 problems, one of which is a security hole. >>> I've mostly just gone to using nsupdate from the cli for all zone >> For those of us not blessed with either the depth of experience or the > sure, if you are new to Linux on the whole and need a point and click > basics interface to a bunch of things webmin might be a suiteable option > - but no matter how you swing it, Linux admin done right, is going to > need you to graduate from that point-click-livewiththelimitations > mentality and make an effort to learn a few things. The earlier one gets > into that, the better overall experience you are likely to have. > >> security issue respecting access to Webmin is handled simply and >> efficiently in three steps: > ( you then listed 3 ways to limit access, and you are wrong by a wide > margin ) > > the most important vuln in webmin is how its designed, perl interfaces > running as root with exclusive rights to anything on the machine, easily > fiddled with on the machine itself. Perhaps 90% of all hacked centos > machines running webmin, that I've looked at, were exploited locally. > > Also, your email client looks to be broken, its not setting headers > needed for mailing lists threading > > - KB > Oh snap!!!!