Menu
▾
▴
Re: [webmin-l] Webmin security risk!
|
From: Dov Z. <do...@za...> - 2006-08-25 12:30:32
|
=D7=A6=D7=99=D7=98=D7=95=D7=98 Russ Ferriday: > On 25 Aug 2006, at 11:59, Munzir Taha (=D9=85=D9=86=D8=B0=D8=B1 =D8=B7=D9= =87) wrote: > >> On Friday 25 August 2006 08:47, Jamie Cameron wrote: >>> On 24/Aug/2006 22:30 Munzir Taha wrote .. >>> >>>> On Thursday 24 August 2006 18:38, Jamie Cameron wrote: >>>>> On 24/Aug/2006 05:07 Munzir Taha wrote .. >>>>> >> >>>> The real problem is having the root password on this file >>>> /etc/webmin/servers/1108941386.serv >>>> May be this is because I am monitoring another server from webmin. >>> >>> That's right .. the master Webmin needs to store the password of the >>> other server. >>> >>>>> And the files are only readable by root, so >>>>> there is no security risk from normal users.. >>>> >>>> As I read the vulnerability discovered in webmin 1.29- would allow a= ny >>>> anonymous user to read any system file whatever the permissions are.= In >>>> such cases the administrator need some time to provide the patch. >>>> Afterall, this is why the system root password is not only kept in >>>> non-readable by everyone shadow file but also kept encrypted. >>> >>> Keeping it one-way encrypted like in the shadow file is OK for=20 >>> validating >>> users, but not for automatically logging into other systems like Webm= in >>> does.. >> >> I don't know how webmin works but isn't there there any way to=20 >> encrypt it=20 >> while not losing webmin features? > > It could at least be encrypted with a private key and then decrypted=20 > inside Webmin to pass to the other systems. This would add to the=20 > inconvenience of abusing the password, should it be viewed, but any=20 > impression of this being a secure solution is an illusion. > Even using asymmetric keys, as in ssh, Webmin would still hold some=20 > credential which could be copied and abused. > It's an intractable problem. > --r Private keys are a one way incription mechanism. You have to know the=20 original password, and then encrypt it with the public key to see if the=20 result is the same. In our case, we want a method that will allow webmin=20 to know the password. There is no simple anwer here. If Webmin encrypts=20 the password, then any potential hacker can use the encrypription method=20 from Webmin to retrieve it. Just a waste of time. |
