Limit "Extra Admins" menu items (security issues)

Help! (Home for newbies)
1

Is it possible for me to remove some of the items on the “Extra Admins” Virtualmin menu?

image
image252×394 56.9 KB

Specifically in my implementation (a mail server with Roundcube) I want the Extra Admins for adding and removing users and aliases, keeping an eye on quotas, plausibly they might need DKIM record… but “File Manager” and really anything under “Webmin Modules” is not appropriate… maybe “Read User Mail” but that’s a little sketchy (would matter organization to organization).

On a multi-domain server, access to the “System Logs” is a security issue as it could betray other domains and users identity. I shudder to think about the “Scheduled Cron Jobs” in the hands of a know-it-all someone malicious with a guessed-password (and doubtlessly, sooner or later, someone will respond to a quota alert by deleting all of the stuff they don’t understand, like “public_html”, etc).

Thanks

SYSTEM INFORMATION
OS type and version Ubuntu 24.04
Virtualmin version 7.40.1
2

Virtualmin > System Settings > Server Templates > [your template] > “Administrator’s Webmin Modules”

Changes to apply to pre-existing extra admin accounts. Changes to not apply to your main Virtualmin account.

image
image1035×782 84.6 KB

image
image264×306 36.5 KB

(Pretty sure I asked this before and got my answer because I booted a test install that was configured the way I want this… I just couldn’t find the thread… maybe I’ll find this one next time I forget.)

Ron

1 Like
3

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.