the configuration template
Options -Indexes +IncludesNOEXEC +FollowSymLinks +ExecCGI allow from all AllowOverride All
In this way, but after the update Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch adds the configuration itself.
I do not want to add the line like "Options = ExecCGI, Includes, IncludesNOEXEC, Indexes, MultiViews, SymLinksIfOwnerMatch". Because it adds a lot of himself in the form of script we + FollowSymLinks. Each time it needs to change. I know that vulnerability.
/usr/share/webmin/virtual-server/feature-web.pl file {
return "Options=ExecCGI,Includes,IncludesNOEXEC,". "Indexes,MultiViews,SymLinksIfOwnerMatch";}
But also on every update is in the form of writing in the way I want when I do it this way does not make sense to me.
intensely configuration, a different solution
Be placed in the general configuration or template configuration is not compelling?
Comments
Submitted by andreychek on Thu, 01/17/2013 - 09:23 Comment #1
There is an option you can add to the Webmin/Virtualmin config that prevents Virtualmin from performing that symlink fix.
I unfortunately can't seem to find the name of it, but Jamie can give us the option whenever he's available shortly.
That fix prevents a user form being able to read any file in /home, but if you're aware of that, and trust the users on your system, then the parameter that Jamie will share should solve the problem you're having at the moment.
Submitted by JamieCameron on Thu, 01/17/2013 - 13:23 Comment #2
You can turn off this fix for new domains by editing the file
/etc/webmin/virtual-server/configand adding the lineallow_symlinks=1to the end of the file.