Menu
▾
▴
Re: [webmin-l] Webmin Doesn't Clean ENV
|
From: Jamie C. <jca...@we...> - 2006-05-26 18:48:20
|
On 26/May/2006 12:15 Agustin Pizarro wrote .. > Hi All, > > I have been searching the web because I have that problem (see subject) > with > version 1.260 > > Even if this http://seclists.org/lists/bugtraq/2001/May/0258.html says > it has > been fixed on 0.83 when I restart my Apache server I can see webmin SID > with > PHP phpinfo() function which may be a serious security problem as it says > here: http://seclists.org/lists/bugtraq/2001/May/0275.html > > Has this been fixed? > > How do I get ENV cleaned when restarting Apache with webmin? > > I am using the miniserv.pl server. Does this still happen if you stop and re-start Apache from within Webmin? I am pretty sure this problem is fixed by clearing all environment variables before calling Apache, although if you just do a restart or apply changes Apache may still be inheriting variables from a previous incorrect version of Webmin. Also, are you using Virtualmin there? It has its own slightly different Apache restart code. - Jamie |
