OT: RE: Unix Help re Samba - for filePro

[Bill Campbell]

On Tue, Apr 13, 2010, Walter Vaughan wrote:
>
...

>First we don't know what you mean by new server.  Was it just a hardware
>upgrade, or what is the operating system is on the new server?

>*I* really like to  install webmin on servers that have samba on them only
>because it really does make it easy to manage samba on a Unix server. Yes,
>I could manage it from editing a text file like I did back in 1998 or so
>but webmin does make it easier.

I find that the swat program that comes with Samba is a far
better web administration tool than webmin.  Swat has great
on-line help for every Samba option, and it's far easier to
restrict access to it than it is with Webmin.

>Others may think webmin is evil so YMMV. I like it.

It's OK so long as you (a) restrict access by IP address and/or
network block, and (b) never, ever use the usermin pieces as they
are far too easy to provide unauthorized access.  There are what
I consider major problems with webmin's *nix user administration
tools including the ability to accidentally remove minor things
like the /home directory or move /home to a user's $HOME
directory.  Of course I found out about these the hard way, and
have hacked the (ugly) perl code to prevent these bugs, but they
have never made it back into the released code.

I have seen root exploits via usermin where the cracker took
advantage of weak user passwords and at least one SuSE Linux
vulnerability which allowed the remote cracker to change the uid
of a normal user to 0 with the expected results.

Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186  Skype: jwccsllc (206) 855-5792

...it does not require a majority to prevail, but rather an
irate, tireless minority keen to set brush fires in people's
minds...  -- Samuel Adams