Webmin? Good, Bad, Ugly?
Jake Wright
unixsuperuser at gmail.com
Mon Jul 23 21:15:45 UTC 2007
On 7/23/07, Brian Fahrlander <brian at fahrlander.net> wrote:
>
> Adam McGreggor wrote:
> > On Sat, Jul 21, 2007 at 01:53:18PM -0800, Damien Hull wrote:
> >> Is Webmin good, bad or just damn ugly?
> >
> > I think the UI's hideous, and the app itself a bit hit-and-miss.
>
> Have you seen it lately? It's been re-vamped. The menu is now on
> the side, and I believe it's using CSS to reconfig, but that's just a
> guess.
Yes, it's improved a bunch in the past couple of revisions. Still has a
bunch of table-based layout in older modules, and nobody is going to accuse
Webmin of being fantastic design, but all of the newer modules are CSS-based
and getting cleaner in every revision. There are some really cool skins
being made, too. Stress Free is awesome.
Webmin lets me create a small set of commands that are reachable to
> these guys so they don't accidentally go wandering off into things that
> could cause trouble, and that's helpful. I just wish it were more secure.
I'm not sure I agree on the security bashing that Webmin is taking here.
It's actually got a pretty good security record compared to other similarly
privileged services.
Looking at the security history, I'm seeing a big pile of XSS problems, and
if you go back six revisions there's a file access hole. Otherwise, there's
an account lockout DOS, a source code exposure bug, and a couple of bugs
that expose privileged data to logged in users. So, as long as you've kept
it up to date it's been a pretty narrow window of exposure, I think.
There seems to be increased focus on security in recent releases as well.
Quite a few bugs have been discovered and patched before any public
announcement of the problem. And, it does have a lot of ways to lock it
down to minimize risk.
Anyway, I really like Webmin. With it, I only ever need one administration
tool, and I only have to tell people how to use one thing. When I move to
LDAP from NIS, or migrate data between PostgreSQL and MySQL, or whatever,
it's usually easy to tell non-admins how to do stuff because it looks and
works the same. And the delegation features of Webmin are awesome. sudo is
awesome, too, but there's quite a few things that I've never figured out how
to do with it without jumping through hoops. Like allows a user to manage
only some users passwords, or manage only some VirtualHost sections in
Apache, or BIND hosts files. Nothing else really comes close on those kinds
of details.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20070723/fe4b22f2/attachment.html>
More information about the ubuntu-users
mailing list