Um .. it is disabled by default though, at least in the Webmin packages from Other vendors may have enabled it, but that is out of my control :-)

 - Jamie

On 30/Sep/2005 22:36 Alan Dobkin wrote ..
Since you recommend against using this feature (which I agree with), then can it be disabled by default for new installations?

Most people won't know to turn it off manually, and it would increase security by disabling it.


On 9/29/2005 8:04 PM, Jamie Cameron wrote:

That would only happen if you are using some kind of local proxy, such
as an Apache ProxyPass directive. Then usermin would auto-login as the
Apache user!

Personally, I recommend against using that localauth feature, except in
very limited circumstances, such as a non-network box that is only
running a browser locally.