[K12OSN] synaptic and K12LSTP repositories
Eric Harrison
eharrison at mail.mesd.k12.or.us
Sun Aug 21 23:45:32 UTC 2005
On Sun, 21 Aug 2005, Mike Heins wrote:
> Quoting Les Mikesell (les at futuresource.com):
>> On Sun, 2005-08-21 at 13:22, Mike Heins wrote:
>>> In practice, webmin seems to be pretty secure and there are a lot
>>> of people using it successfully. I will admit to placing it a couple
>>> of places where the system administrators don't have strong Linux
>>> knowledge. But I don't think it is the right way to run a railroad
>>> if you have an alternative.
>>
>> Unfortunately, 'the alternative' is years of experience...
>
> I didn't mean to try and sound like I was talking from the top
> of a mountain, not at all. Though I have the years of experience,
> I recognize that not everyone does.
>
> I was just explaining why I think it is not configured into
> k12ltsp by default.
>
You missed the main reason Webmin is not installed by default...
The official Webmin packages copy the root password from /etc/passwd
(or /etc/shadow) when the package is installed. During the process
of installing the operating system, the root password is empty.
If Webmin is installed as part of the OS, it ends up with root
rights and no password. From a security perspective, the results
are non-optimal ;-)
The two choices were to maintain a customized Webmin package that
works around this issue or to have an option to install Webmin
after the install was complete. Maintaining customized packages
can put a huge drag on K12LTSP development, thus the post-install
option was quite attractive.
-Eric
More information about the K12OSN
mailing list