I think we need an JIRA. We haven't considered access control for the UIs
before. IMHO, they are inherently unsafe except for operator use ("no user
serviceable parts inside") so random folks should not be given network
paths to them.On Wed, Mar 9, 2016 at 5:31 AM, Lars George <[email protected]> wrote: > Hi, > > Reading the whole HttpServer code base, and while this is a copy it > seems from HttpServer2, including the ability to set ACLs with users > who are allowed to access (admins), I cannot see this ever being set. > Am I missing something, or is there a JIRA documenting that this needs > adding? > > Thanks, > Lars > -- Best regards, - Andy Problems worthy of attack prove their worth by hitting back. - Piet Hein (via Tom White)
