Hi
Fuelled by some of the recent discussions, I think the whitelisting
concept needs to be re-thought.
My idea would be that there are only two things that can be whitelisted:
connections and transactions. On the base of what logic, and at what
stage, is up to the plugin, but if the whitelist flag is set, any DENY*
return value from subsequent plugins' hooks should be treated as DECLINED.
Maybe, for the sake of efficiency, we could think of a mechanism for
some plugins that only to checking (no logging and no queuing) to be
bypassed altogether when whitelisting is in effect.
However, I understand that some people would like to run some checking
plugins even if the whitelist flag is set - so should whitelisting be
per plugin instead? [I have difficulty to imagine an easy implementation
of this].
-Johan
--
Johan Almqvist
Christies gate 34 A
0557 Oslo
Norway
Mobile: +47 40 04 68 21
E-mail: [EMAIL PROTECTED]