[ZendTo] Re: Antwort: Re: Antwort: Re: data leakage prevention

Jules Jules at Zend.To
Fri Mar 2 20:22:20 GMT 2012 


On 02/03/2012 10:06, patrick.gaikowski at kaufland.com wrote:
>
> Hi Jules,
>
> this came from Joerg Streibhardt and not from me...
>
> "we do not need/want anonymous users to upload files without prior 
> contact. If a file is required, our contact will send out a request to 
> the user."
> So you don't want people who haven't logged in to be able to send 
> files unless they've been sent a "request for files".
>
> The problem is that Joerg Streibhardt interrupts our conversation and 
> my explanation.
>
Please can you and Joerg both state what you want in terms of "people 
who have not logged in" and "people coming from localIPSubnets". I am 
starting to realise that what you and Joerg want are totally different 
things. This may be the cause of some of the confusion.

Can you use different Subject: lines too please? It's really confusing 
to have 2 different people pulling in different directions in the same 
discussion with the same Subject. Try putting "Patrick" or "Joerg" at 
the start of the Subject line, then I know who to ignore in each 
conversation. :)

It seems that one of you wants to eliminate all drop-offs from users who 
have not logged in. But not both of you.

And please stop confusing things by adding comments to each other's 
conversation! :)


Thanks,
Jules.



> But what then do you mean by your text (which I have quoted above)?
> Anonymous users == Users who haven't logged in.
>
> Yes, i mean a user not logged in.
>
> Mit freundlichen Grüßen / Best regards
>
> Patrick Gaikowski
> Tel:     +49 7132 94 3568
> Fax:    +49 7132 94 73568
> E-Mail: patrick.gaikowski at kaufland.com
> KI 967850: IT International / IT Governance / Netzwerk Design und 
> IT-Sicherheit
> Office:
> Lindichstrasse 11
> D-74189 Weinsberg
>
>
>
> http://www.kaufland.de
> http://www.spannende-it.de
> Wir sind die Nr. 1:
> Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Stuttgart HRA 104163
>
>
>
>
>
>     Inactive hide details for Jules ---02.03.2012 10:42:48---Jules
>     <Jules at zend.to>Jules ---02.03.2012 10:42:48---Jules <Jules at zend.to> 
>
>     *Jules <Jules at zend.to>*
>     Gesendet von: zendto-bounces at zend.to
>
>     02.03.2012 10:39
>         Bitte antworten an
>         ZendTo Users <zendto at zend.to> 
>
> 	
>
> 	
> ZendTo Users <zendto at zend.to>
>
> 	
>
> Thema
> 	
> [ZendTo] Re: Antwort:  Re: data leakage prevention
>
> 	
>
>
>
>
> On 02/03/2012 09:27, _patrick.gaikowski at kaufland.com_ 
> <mailto:patrick.gaikowski at kaufland.com> wrote:
>
>
>     Hi Jules,
>
>     you got it!
>
>     But if i'm commenting out the lines, it wouldn't be possible from
>     outside to make a Drop-Off without authorization, right?
>     This would not be our aim. 
>
>
> To quote from your earlier mail:
> "we do not need/want anonymous users to upload files without prior 
> contact. If a file is required, our contact will send out a request to 
> the user."
> So you don't want people who haven't logged in to be able to send 
> files unless they've been sent a "request for files".
>
>
>
>     Your Item 2 would be the better solution, because i can limit it
>     to our company subnets. From outside it should be definitly
>     possible to make an "unauthorized" Drop-Off, because this is the
>     main aim of that solution :-) 
>
>
> But what then do you mean by your text (which I have quoted above)?
> Anonymous users == Users who haven't logged in.
>
> I'm totally lost, you seem to be contradicting yourself completely.
>
>
>
>     Mit freundlichen Grüßen / Best regards
>
>     Patrick Gaikowski
>     Tel:     +49 7132 94 3568
>     Fax:    +49 7132 94 73568
>     E-Mail: _patrick.gaikowski at kaufland.com_
>     <mailto:patrick.gaikowski at kaufland.com>
>     KI 967850: IT International / IT Governance / Netzwerk Design und
>     IT-Sicherheit
>     Office:
>     Lindichstrasse 11
>     D-74189 Weinsberg
>
>
>     _
>     __http://www.kaufland.de_ <http://www.kaufland.de/>_
>     __http://www.spannende-it.de_ <http://www.spannende-it.de/>
>     Wir sind die Nr. 1:
>     Kaufland ist "Bester Lebensmittelmarkt 2011"!
>
>     Kaufland Informationssysteme GmbH & Co. KG
>     Postfach 12 53 - 74149 Neckarsulm
>     Kommanditgesellschaft
>     Sitz: Neckarsulm
>     Registergericht: Stuttgart HRA 104163
>
>
>
>
>
>         Inactive hide details for Jules ---02.03.2012 10:18:03---Jules
>         <Jules at zend.to>Jules ---02.03.2012 10:18:03---Jules
>         _<Jules at zend.to>_ <mailto:Jules at zend.to>
>             *Jules **_<Jules at zend.to>_* <mailto:Jules at zend.to>
>             Gesendet von: _zendto-bounces at zend.to_
>             <mailto:zendto-bounces at zend.to>
>
>             02.03.2012 10:13
>
>             Bitte antworten an
>             ZendTo Users _<zendto at zend.to>_ <mailto:zendto at zend.to>
>
>         	
>         	
>         ZendTo Users _<zendto at zend.to>_ <mailto:zendto at zend.to>
>         	
>         Thema
>         	
>         [ZendTo] Re: data leakage prevention
>
>         	
>
>
>     Sorry for the change in Subject line, I think you posted from the
>     wrong
>     address by accident.
>
>     So you want 2 things:
>     1) Locally connecting users must log in
>     2) No drop-offs for users who aren't logged in.
>
>     Item 2 (which is what I think you describe below) you can implement
>     right now yourself by editing /opt/zendto/templates/main_menu.tpl.
>
>     What you need to do is remove the "Dropoff" button from the
>     section of
>     page that is displayed when a user has is not authorised. In my
>     latest
>     version of that file, it's lines 58-61. Just comment out those
>     lines and
>     users who have not logged in won't be able to access the "Drop-off"
>     button in the menu. Once you're sure you've got it right, delete
>     those
>     lines instead of commenting them out.
>
>     Given that you can do item 2 yourself, do you still need item 1?
>
>     Jules.
>
>     On 02/03/2012 08:48, _zendto-owner at zend.to_
>     <mailto:zendto-owner at zend.to> wrote:
>     >
>     > Hi Jules,
>     >
>     > we do not need/want anonymous users to upload files without prior
>     > contact. If a file is required, our contact will send out a
>     request to
>     > the user. We try to maintain a single contact address for most
>     > requests to cope with absent contacts.
>     >
>     > Cheers
>     > Jörg
>     >
>
>     Jules
>
>     -- 
>     Julian Field MEng CITP CEng_
>     __www.Zend.To_ <http://www.zend.to/>
>
>     Follow me at twitter.com/JulesFM
>     PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
>     'It's okay to live without all the answers' - Charlie Eppes, 2011
>     'All programs have a desire to be useful' - Tron, 1982
>     'That is the land of lost content,
>     I see it shining plain,
>     The happy highways where I went,
>     And cannot come again.' - A.E. Houseman
>
>
>     _______________________________________________
>     ZendTo mailing list_
>     __ZendTo at zend.to_ <mailto:ZendTo at zend.to>_
>     __http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
>
>     _______________________________________________
>     ZendTo mailing list
>     _ZendTo at zend.to_ <mailto:ZendTo at zend.to>
>     _http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_ 
>
>
> Jules
>
> -- 
> Julian Field MEng CITP CEng
> _www.Zend.To_ <http://www.zend.to/>
>
> Follow me at twitter.com/JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> 'It's okay to live without all the answers' - Charlie Eppes, 2011
> 'All programs have a desire to be useful' - Tron, 1982
> 'That is the land of lost content,
> I see it shining plain,
> The happy highways where I went,
> And cannot come again.' - A.E. Houseman
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

-- 
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'Teach a man to reason, and he will think for a lifetime.' - Phil Plait
'All programs have a desire to be useful' - Tron, 1982

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/bba43741/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/bba43741/attachment-0002.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20120302/bba43741/attachment-0003.gif

More information about the ZendTo mailing list