Many servers now days feature software that allows you to do basic to advanced administration through a web browser. There are many problems with adminstering servers this way. For one, these software packages are being developed for an OS which was meant to be used from a CLI, mainly unix based. If you want an easy to administer OS why not just stick with a windows server?

Another reason these packages are evil is that most are created as a suite of cgi applications. The problem is not that they are cgi, but rather that they are known to have many holes in them. For example, the Cobalt Raq servers have a webadmin which can be tricked into viewing restricted files when extra characters are passed to the cgi app. Many more vulnerabilities exist in these software packages, including denial of service attacks.

The most annoying reason why web administration is evil is that you must stick to the default packages for it to work correctly. In other words the company tells you what you can and can't run (Doesn't this remind you of a certain company?). On my raq4 this happened on many occasions. When I migrated from sendmail to qmail it panicked and gave me a severe error warning. The webadmin would also email me on anything I would do manually, such as shutting off telnet.

The only people I can suggest web administration to is people who don't want to get involved in computers at all (ceo's, salespersons, etc.). If you care about security even one bit you will rm -r all your webadmin crap. The reason I say this is because no modification to the os is brutal and will surely leave you open with vulnerabilites, since all defualt installs are full with holes.

Log in or register to write something here or to contact authors.