[ZendTo] Antwort: Re: data leakage prevention

patrick.gaikowski at kaufland.com patrick.gaikowski at kaufland.com
Fri Mar 2 09:27:57 GMT 2012


Hi Jules,

you got it!

But if i'm commenting out the lines, it wouldn't be possible from outside
to make a Drop-Off without authorization, right?
This would not be our aim.

Your Item 2 would be the better solution, because i can limit it to our
company subnets. From outside it should be definitly possible to make an
"unauthorized" Drop-Off, because this is the main aim of that solution :-)

Mit freundlichen Grüßen / Best regards

Patrick Gaikowski
Tel:     +49 7132 94 3568
Fax:    +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Netzwerk Design und
IT-Sicherheit
Office:
Lindichstrasse 11
D-74189 Weinsberg



http://www.kaufland.de
http://www.spannende-it.de
Wir sind die Nr. 1:
Kaufland ist "Bester Lebensmittelmarkt 2011"!

Kaufland Informationssysteme GmbH & Co. KG
Postfach 12 53 - 74149 Neckarsulm
Kommanditgesellschaft
Sitz: Neckarsulm
Registergericht: Stuttgart HRA 104163







                                                                           
   Jules <Jules at zend.to>                                                   
   Gesendet von:                                                           
   zendto-bounces at zend.to                                                  
                                       ZendTo Users <zendto at zend.to>       
                                                                           
   02.03.2012 10:13                                                        
                                                                     Thema 
                                       [ZendTo] Re: data leakage           
             Bitte antworten           prevention                          
             an                                                            
             ZendTo Users                                                  
             <zendto at zend.to>                                              
                                                                           
                                                                           
                                                                           




Sorry for the change in Subject line, I think you posted from the wrong
address by accident.

So you want 2 things:
1) Locally connecting users must log in
2) No drop-offs for users who aren't logged in.

Item 2 (which is what I think you describe below) you can implement
right now yourself by editing /opt/zendto/templates/main_menu.tpl.

What you need to do is remove the "Dropoff" button from the section of
page that is displayed when a user has is not authorised. In my latest
version of that file, it's lines 58-61. Just comment out those lines and
users who have not logged in won't be able to access the "Drop-off"
button in the menu. Once you're sure you've got it right, delete those
lines instead of commenting them out.

Given that you can do item 2 yourself, do you still need item 1?

Jules.

On 02/03/2012 08:48, zendto-owner at zend.to wrote:
>
> Hi Jules,
>
> we do not need/want anonymous users to upload files without prior
> contact. If a file is required, our contact will send out a request to
> the user. We try to maintain a single contact address for most
> requests to cope with absent contacts.
>
> Cheers
> Jörg
>

Jules

--
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
  I see it shining plain,
  The happy highways where I went,
  And cannot come again.' - A.E. Houseman


_______________________________________________
ZendTo mailing list
ZendTo at zend.to
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/314c7dbb/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/314c7dbb/attachment-0002.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/314c7dbb/attachment-0003.gif 


More information about the ZendTo mailing list