[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security fix that started all this

Subject: Re: Security fix that started all this
From: "Christopher Murtagh" <..hidden..>
Date: Mon, 11 Sep 2006 00:21:50 -0400

On 9/10/06, Tony Fraser <..hidden..> wrote:

I think I'm going to focus
my available resources on maintaining a patch to the current version of
SQL Ledger that removes all authentication from the app leaving it to
rely on $ENV{REMOTE_USER} and the use of external authentication
mechanisms. I've seen a few request for that on sql-ledger-users now and
it's something I've thought would be a good option for quite a while.


This is something I think we would like to see in LedgerSMB, at least
as an option in the ledger.smb.conf file. If you do provide a patch
for that, please send it our way too.

I will be keeping an eye on LedgerSMB as well. If I see significant
positive progress I will switch but at the moment I am going to continue
using SQL Ledger for my accounting needs. At this point I'm just not
clear on what direction LedgerSMB is going.


I imagine that at any time you will be able to look here:

http://svn.sourceforge.net/viewvc/ledger-smb/trunk/TODO?view=markup

or in the sourceforge tracker.

Cheers,

Chris

References:
- Security fix that started all this
  - From: Tony Fraser
- Fwd: Security fix that started all this
  - From: Christopher Murtagh
- Re: Security fix that started all this
  - From: Tony Fraser
- Re: Security fix that started all this
  - From: David Van Ginneken
- Re: Security fix that started all this
  - From: Tony Fraser
- Re: Security fix that started all this
  - From: Tony Fraser

Prev by Date: Re: Security fix that started all this
Next by Date: Potential security issue with LedgerSMB (inherited from SL)
Previous by thread: Re: Security fix that started all this
Next by thread: Re: Security fix that started all this
Index(es):
- Date
- Thread