Menu
▾
▴
Re: Configuring a demo Webmin?
|
From: Philippe B. <bar...@ag...> - 2001-02-09 07:54:59
|
Hi, I would chroot the webmin instance. my 2 cents On Thu, Feb 08, 2001 at 11:53:57PM -0600, Joe Cooper wrote: > Hey folks, > > What are the gotchas I should look out for when setting up an online > (completely accessible to the internet) Webmin? I don't think Webmin > ACLs even begin to address the security issues with this plan...so I'm > going to go to much greater lengths to insure that no damage can be done > by Webmin. > > My plan is to only include a few specific modules, which will be > hardcoded to edit fake configuration files--possibly new randomly named > ones for every user. I've even considered running a new instance of > Webmin for each user, in a tmp directory, on a randomly selected port > from a pool for directories...this addresses the problem of locking and > multiple users playing with the same configuration options at the same time. > > Obviously, I don't want to run it as root, so what do I need to modify > to run it as a thoroughly unpriviledged user? I'm thinking I will > create a chrooted environment for a "webmin-demo" user account with no > permissions other than reading and writing to the new and fake environment. > > Anyone done something like this? Are there any examples of Webmins that > have been modified for demonstration use? > > Anyone have ideas for how this might be implemented simply, elegantly, > and in 25 lines of perl? ;-) > > I've only begun thinking about this, so I'm not committed to any one > plan of attack. I welcome any and all pointers. > > Thanks! > -- > Joe Cooper <jo...@sw...> > Affordable Web Caching Proxy Appliances > http://www.swelltech.com > > > - > Forwarded by the Webmin development list at web...@we... > To remove yourself from this list, go to > http://lists.sourceforge.net/lists/listinfo/webadmin-devel > > -- Philippe BARNETCHE AGISphere 14, Boulevard Vital Bouhot 92200 NEUILLY/SEINE 01 47 45 99 92 06 10 01 68 11 "He who sacrifices functionality for ease of use loses both and deserves neither." |
