Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
Re: [suse-security] Webmin security
  • From: Andy Bennett <andy@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 31 Jul 2003 19:34:10 +0100
  • Message-id: <200307311934.10417.andy@xxxxxxxxxxxxxxxxxxxxx>
Webmin implies running the webmin server, miniserv.pl and perl both of which
are security holes in themselves. Also they need maintaining.

I'd use SSH and yast/editing files for security considerations. Yast makes
keeping a system patched quite easy now with the online update assuming your
system is pretty minimal which is what most servers are, i.e. no X-server,
KDE, etc. etc.

Andy

On Thursday 31 July 2003 16:37, João Reis wrote:
> Hi again.
>
> My main question is if the Webmin is a good tool to do remote
> administration or are better tools ?
>
> On Thursday 31 Jul 2003 16:35, Arndt Faulhaber wrote:
> > Hi Joao,
> >
> > > Does anyone knows if the Webmin permits to do a administration of the
> > > systems securely ?
> >
> > Jup, you can setup webmin to use https.
> >
> > > Example if i connect from home to my company to administer my systems
> > > with webmin is there any secyrity flaws or if it is not advisable ?
> >
> > Otherwise you can access it using ipsec... or restrict the IP address
> > from which access is possible...
> >
> > Cheers, Arndt


< Previous Next >