Menu
▾
▴
Re: [webmin-devel] A litle security fix
|
From: Jamie C. <jca...@we...> - 2004-05-23 11:40:16
|
Thanks for the fix - I'm not sure why I didn't implement it this way in the first place! I have incorporated it into the main Webmin codebase, but with a small change to add backwards compatability so that existing host-based ACLs still work. - Jamie On Thu, 2004-05-13 at 07:16, Hernando Furlan wrote: > Hi Jamie, > > I was a problem when using "Webmin Servers Index" with many remote > servers with same IP address and diferent users ACLs. > > Default ACLs uses the IP addresses to Index Servers and to check users > permissions. IE: You have "root" and "admin" users. You want to give > access to 192.168.0.27 to root but not admin. You set ACLs to root and > not admin but admin gains access because permissions are checked against > the server IP address. I changed this to check by ID that found in > servers index (I think it is a time perl function) and I solved this > issue. > > Look the files yourself. > > Best regards, |
