Christian Gennerat wrote:
Package: courier-webadmin
Version: 0.47-11
Severity: important

A server is generally administred by a remote user.
creating the "unsecureok" files allows webadmin to everybody.

Solution:
Specify by a comma-separated, comma-ended list
the IP addresses of valid administrators

A better solution is to either use https:// or restrict access to the webadmin
through your webserver.

Bye
        Racke


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to