|
|
[webmin-devel] A litle security fix: msg#00015web.webmin.devel
Hi Jamie, I was a problem when using "Webmin Servers Index" with many remote servers with same IP address and diferent users ACLs. Default ACLs uses the IP addresses to Index Servers and to check users permissions. IE: You have "root" and "admin" users. You want to give access to 192.168.0.27 to root but not admin. You set ACLs to root and not admin but admin gains access because permissions are checked against the server IP address. I changed this to check by ID that found in servers index (I think it is a time perl function) and I solved this issue. Look the files yourself. Best regards, -- Hernando Furlan - [ i n t r a R e d e s s r l ] Piedras 264 - 2 A (C1070AAF) - Buenos Aires - ARGENTINA Te.: (54 11) 4342-0049 - http://www.intraredes.com/ mailto:hernando.furlan@xxxxxxxxxxxxxx
|
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Mailbox in Usermin (was Re: [webmin-devel] [FAQ] Webmin/Usermin/Virtualmin - On the fly updates): 00015, Martin Mewes |
|---|---|
| Next by Date: | Re: Mailbox in Usermin (was Re: [webmin-devel] [FAQ] Webmin/Usermin/Virtualmin - On the fly updates): 00015, Jamie Cameron |
| Previous by Thread: | [FAQ] Webmin/Usermin/Virtualmin - On the fly updatesi: 00015, Martin Mewes |
| Next by Thread: | Re: [webmin-devel] A litle security fix: 00015, Jamie Cameron |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |
