[ZendTo] Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Security Issue - Data Leakage Prevention
Jules
Jules at Zend.To
Fri Mar 2 09:08:03 GMT 2012
So if the user has not logged in, you don't want to allow drop-offs from
localIPSubnets?
If the user has logged in, or they aren't sending a drop-off from
localIPSubnets, then allow that.
So all you are actually wanting to do is force people connecting from
localIPSubnets to log in, before they can send a drop-off.
I think I'm starting to understand. I'm having a bit of difficulty
understanding your English, but I appreciate that's not your fault! Your
English is infinitely better than my German. :-))
Jules.
On 02/03/2012 08:39, patrick.gaikowski at kaufland.com wrote:
>
> Hi Jules,
>
> i think we can stop that conversation. You are not willing to
> understand me!
>
> I don't want to prevent anonymous login from outside. I want only
> prevent sending Verification to xxx at kaufland.xx if the user (some
> employee from my company without authorization) tries to bypass the
> authorization.
> Sending Verification to *all *other domains should be possible.
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel: +49 7132 94 3568
> Fax: +49 7132 94 73568
> E-Mail: patrick.gaikowski at kaufland.com
> KI 967850: IT International / IT Governance / Netzwerk Design und
> IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
>
>
> http://www.kaufland.de
> http://www.spannende-it.de
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
>
> Inactive hide details for Jules ---02.03.2012 09:35:32---Jules
> <Jules at zend.to>Jules ---02.03.2012 09:35:32---Jules <Jules at zend.to>
>
> *Jules <Jules at zend.to>*
> Gesendet von: zendto-bounces at zend.to
>
> 02.03.2012 09:32
> Bitte antworten an
> ZendTo Users <zendto at zend.to>
>
>
>
>
> ZendTo Users <zendto at zend.to>
>
>
>
> Thema
>
> [ZendTo] Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re:
> Security Issue - Data Leakage Prevention
>
>
>
>
> But half the point of ZendTo is that anonymous users *can* create
> drop-offs. Otherwise how do people outside your organisation send
> files to you?
>
> On 01/03/2012 16:47, Joerg Streibhardt wrote:
>
>
> Hello everyone
>
> it appears this may be a use case for a part of my initial patch
> submitted for SQLite 3. If the new function is enabled it would
> not be possible for an anonymous user to create a dropoff at all.
> Registered users on the other hand are able to send files and
> request others to send files to them.
>
> Let me know if this is an option for you.
>
> Cheers
> Jörg
>
>
>
> _______________________________________________
> ZendTo mailing list
> _ZendTo at zend.to_ <mailto:ZendTo at zend.to>
> _http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
> Jules
>
> --
> Julian Field MEng CITP CEng
> _www.Zend.To_ <http://www.zend.to/>
>
> Follow me at twitter.com/JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> 'It's okay to live without all the answers' - Charlie Eppes, 2011
> 'All programs have a desire to be useful' - Tron, 1982
> 'That is the land of lost content,
> I see it shining plain,
> The happy highways where I went,
> And cannot come again.' - A.E. Houseman
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
Jules
--
Julian Field MEng CITP CEng
www.Zend.To
Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
I see it shining plain,
The happy highways where I went,
And cannot come again.' - A.E. Houseman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4fcd87b4/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4fcd87b4/attachment.gif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4fcd87b4/attachment-0001.gif
More information about the ZendTo
mailing list