Trevor Vaughan wrote: > Personally, I don't see the default behavior as a security flaw. > > Perhaps, I'm missing something....James?
I tend to agree that the current behaviour meets 99% of the functional requirements but I do understand where the original poster is coming from. Like Luke, I don't see why an additional attribute can't be added but I don't see it as a critical security issue. Not to say it should not be developed but IMHO I see the risk of a compromise through this as low and hence feel there is a low ROI in fixing it. If someone wants to pony up some code and tests... Regards James Turnbull -- Author of: * Pro Linux Systems Administration (http://tinyurl.com/linuxadmin) * Pulling Strings with Puppet (http://tinyurl.com/pupbook) * Pro Nagios 2.0 (http://tinyurl.com/pronagios) * Hardening Linux (http://tinyurl.com/hardeninglinux)
signature.asc
Description: OpenPGP digital signature
