[horde] nic and jonah available without logging in
m.ibarra at cdcixis-na.com
m.ibarra at cdcixis-na.com
Thu Nov 15 06:34:43 PST 2001
-----Original Message-----
From: Jan Schneider [mailto:jan at horde.org]
Sent: Thursday, November 15, 2001 8:34 AM
To: horde at lists.horde.org
Subject: Re: [horde] nic and jonah available without logging in
Zitat von m.ibarra at cdcixis-na.com:
> 1. I would like to have horde provide me with a screen that
> does not even have any of the horde components visible.
> I feel that this is too much info to give out to someone who
> may be attempting to hack into the box.
Not sure what you mean. The login screen, the Horde frameset, ...?
What I mean is that the login screen shows far too much. For instance,
why show icons for all of the inoperable horde modules, instead they
should only be visible once a user has sucessfully logged in, just
my two cents.
> 2. I've modified horde/config/registry.php to ensure that allow_guests
> is set to false and show is set to true, however for some reason I
> can still click on either "nic" or "jonah" and get to those
> screens.
> In the case of jonah, this is harmless (still haven't gotten it to
> work :-) but in the case of nic, it allows anyone to use my machine
> to scan other networks.
Fixed in cvs.
Thanks!
-mike
::::::::::::::::::::::::::::::::::::::::
AMMMa AG - discover your knowledge
:::::::::::::::::::::::::::
Detmolder Str. 25-33 :: D-33604 Bielefeld
fon +49.521.96878-0 :: fax +49.521.96878-20
http://www.ammma.de
::::::::::::::::::::::::::::::::::::::::::::::
--
Horde mailing list: http://horde.org/horde/
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: horde-unsubscribe at lists.horde.org
More information about the horde
mailing list