[23496] in bugtraq
Older Webmin install /tmp
daemon@ATHENA.MIT.EDU (KF)
Thu Dec 13 19:31:30 2001
Message-ID: <3C191357.BFC071BE@snosoft.com>
Date: Thu, 13 Dec 2001 15:45:11 -0500
From: KF <dotslash@snosoft.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
You shouldn't be using an old webmin anyway but if you are you should be
aware that there
are issues with files in /tmp upon install. The last version I tested
did not have this issue...
The vuln rpm was from sourceforge... the recent one was by mandrake.
Someone may wanna check
other rpms.
As any user:
[elguapo@linux elguapo]$ cd /tmp
[elguapo@linux /tmp]$ ln -s /etc/issue webmin-setup.out
[elguapo@linux /tmp]$ ls -al webmin-setup.out
lrwxrwxrwx 1 elguapo elguapo 10 Dec 13 15:29 webmin-setup.out
-> /etc/issue
As root:
[root@linux /]# rpm -ivh webmin-0.85.rpm
Operating system is Redhat Linux 7.0
webmin
##################################################
Webmin install complete. You can now login to http://research:10000/
as root with your root password.
[root@linux /# cat /etc/issue
***********************************************************************
* Welcome to the Webmin setup script, version 0.85 *
***********************************************************************
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.
Installing Webmin in /usr/libexec/webmin ...
***********************************************************************
Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.
Config file directory [/etc/webmin]: Log file directory [/var/webmin]:
***********************************************************************
Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.
Testing Perl ...
Perl seems to be installed ok
***********************************************************************
Operating system name: Redhat Linux
Operating system version: 7.0
***********************************************************************
Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
- What port to run the web server on. There must not be another
web server already using this port.
- The login name required to access the web server.
- The password required to access the web server.
- The hostname of this system that the web server should use.
- If the webserver should use SSL (if your system supports it).
- Whether to start webmin at boot time.
Web server port (default 10000): Login name (default admin): Login
password: Web server hostname (default research): Start Webmin at boot
time (y/n):
***********************************************************************
Creating web server config files..
..done
Creating access control file..
..done
Creating start and stop scripts..
..done
Copying config files..
..done
Changing ownership and permissions ..
..done
-KF
