[Fusioninventory-devel] UserAgent patch for FusionInventory
Stéphane Urbanovski
s.urbanovski at ac-nancy-metz.fr
Fri Jan 7 13:13:11 UTC 2011
Guillaume Rousse a écrit :
> Le 07/01/2011 11:23, Guillaume PROTET a écrit :
>> Hi,
>>
>> Your patch won't be integrated as is because, for security reasons, it is inconceivable for us to integrate by default an agent not supported by OCS.
> I fail to see how decing to examine or reject a message, just because of
> client-managed user-agent string, would provide any kind of security
> benefit. You'd better validate the content of the message against a
> grammar, to check what is said, rather than blindy believe the client
> claiming who he is.
>
> Or find another excuse than 'security'.
+1
--
Stéphane Urbanovski
More information about the Fusioninventory-devel
mailing list