Christian Gennerat wrote:
Package: courier-webadmin
Version: 0.47-11
Severity: important
A server is generally administred by a remote user.
creating the "unsecureok" files allows webadmin to everybody.
Solution:
Specify by a comma-separated, comma-ended list
the IP addresses of valid administrators
A better solution is to either use https:// or restrict access to the webadmin
through your webserver.
Bye
Racke
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]