[ZendTo] Antwort: Re: Antwort: Re: data leakage prevention

Fri Mar 2 10:06:34 GMT 2012

Hi Jules,

this came from Joerg Streibhardt and not from me...

"we do not need/want anonymous users to upload files without prior contact.
If a file is required, our contact will send out a request to the user."
So you don't want people who haven't logged in to be able to send files
unless they've been sent a "request for files".

The problem is that Joerg Streibhardt interrupts our conversation and my
explanation.

But what then do you mean by your text (which I have quoted above)?
Anonymous users == Users who haven't logged in.

Yes, i mean a user not logged in.

Mit freundlichen Grüßen / Best regards

Patrick Gaikowski
Tel:     +49 7132 94 3568
Fax:    +49 7132 94 73568
E-Mail: patrick.gaikowski at kaufland.com
KI 967850: IT International / IT Governance / Netzwerk Design und
IT-Sicherheit
Office:
Lindichstrasse 11
D-74189 Weinsberg

http://www.kaufland.de
http://www.spannende-it.de
Wir sind die Nr. 1:
Kaufland ist "Bester Lebensmittelmarkt 2011"!

Kaufland Informationssysteme GmbH & Co. KG
Postfach 12 53 - 74149 Neckarsulm
Kommanditgesellschaft
Sitz: Neckarsulm
Registergericht: Stuttgart HRA 104163

   Jules <Jules at zend.to>                                                   
   Gesendet von:                                                           
   zendto-bounces at zend.to                                                  
                                       ZendTo Users <zendto at zend.to>       

   02.03.2012 10:39                                                        
                                                                     Thema 
                                       [ZendTo] Re: Antwort:  Re: data     
             Bitte antworten           leakage prevention                  
             an                                                            
             ZendTo Users                                                  
             <zendto at zend.to>                                              

On 02/03/2012 09:27, patrick.gaikowski at kaufland.com wrote:

      Hi Jules,

      you got it!

      But if i'm commenting out the lines, it wouldn't be possible from
      outside to make a Drop-Off without authorization, right?
      This would not be our aim.

To quote from your earlier mail:
"we do not need/want anonymous users to upload files without prior contact.
If a file is required, our contact will send out a request to the user."
So you don't want people who haven't logged in to be able to send files
unless they've been sent a "request for files".

      Your Item 2 would be the better solution, because i can limit it to
      our company subnets. From outside it should be definitly possible to
      make an "unauthorized" Drop-Off, because this is the main aim of that
      solution :-)

But what then do you mean by your text (which I have quoted above)?
Anonymous users == Users who haven't logged in.

I'm totally lost, you seem to be contradicting yourself completely.

      Mit freundlichen Grüßen / Best regards

      Patrick Gaikowski
      Tel:     +49 7132 94 3568
      Fax:    +49 7132 94 73568
      E-Mail: patrick.gaikowski at kaufland.com
      KI 967850: IT International / IT Governance / Netzwerk Design und
      IT-Sicherheit
      Office:
      Lindichstrasse 11
      D-74189 Weinsberg

      http://www.kaufland.de
      http://www.spannende-it.de
      Wir sind die Nr. 1:
      Kaufland ist "Bester Lebensmittelmarkt 2011"!

      Kaufland Informationssysteme GmbH & Co. KG
      Postfach 12 53 - 74149 Neckarsulm
      Kommanditgesellschaft
      Sitz: Neckarsulm
      Registergericht: Stuttgart HRA 104163

            Inactive
          hide details for Jules ---02.03.2012
            10:18:03---Jules
          <Jules at zend.to>Jules ---02.03.2012
            10:18:03---Jules <Jules at zend.to>

       Jules <Jules at zend.to>                                               
       Gesendet von:                                                       
       zendto-bounces at zend.to                                              

       02.03.2012 10:13                                 ZendTo Users       
                                                        <zendto at zend.to>   

       Bitte antworten an                                                  
       ZendTo Users                                                        
       <zendto at zend.to>                                              Thema 

                                                        [ZendTo] Re: data  
                                                        leakage prevention 

      Sorry for the change in Subject line, I think you posted from the
      wrong
      address by accident.

      So you want 2 things:
      1) Locally connecting users must log in
      2) No drop-offs for users who aren't logged in.

      Item 2 (which is what I think you describe below) you can implement
      right now yourself by editing /opt/zendto/templates/main_menu.tpl.

      What you need to do is remove the "Dropoff" button from the section
      of
      page that is displayed when a user has is not authorised. In my
      latest
      version of that file, it's lines 58-61. Just comment out those lines
      and
      users who have not logged in won't be able to access the "Drop-off"
      button in the menu. Once you're sure you've got it right, delete
      those
      lines instead of commenting them out.

      Given that you can do item 2 yourself, do you still need item 1?

      Jules.

      On 02/03/2012 08:48, zendto-owner at zend.to wrote:
      >
      > Hi Jules,
      >
      > we do not need/want anonymous users to upload files without prior
      > contact. If a file is required, our contact will send out a request
      to
      > the user. We try to maintain a single contact address for most
      > requests to cope with absent contacts.
      >
      > Cheers
      > Jörg
      >

      Jules

      --
      Julian Field MEng CITP CEng
      www.Zend.To

      Follow me at twitter.com/JulesFM
      PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

      'It's okay to live without all the answers' - Charlie Eppes, 2011
      'All programs have a desire to be useful' - Tron, 1982
      'That is the land of lost content,
       I see it shining plain,
       The happy highways where I went,
       And cannot come again.' - A.E. Houseman

      _______________________________________________
      ZendTo mailing list
      ZendTo at zend.to
      http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

      _______________________________________________
      ZendTo mailing list
      ZendTo at zend.to
      http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

--
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'It's okay to live without all the answers' - Charlie Eppes, 2011
'All programs have a desire to be useful' - Tron, 1982
'That is the land of lost content,
 I see it shining plain,
 The happy highways where I went,
 And cannot come again.' - A.E. Houseman
_______________________________________________
ZendTo mailing list
ZendTo at zend.to
http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4c6f17b5/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4c6f17b5/attachment.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ecblank.gif
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/4c6f17b5/attachment-0001.gif 