PasTim wrote: > Notwithstanding the recent LMS security improvements, I assume that > explicitly specifying each of the local IP addresses that might use LMS > in the 'Allowed' list, and not including the router, will achieve much > the same effect, so I don't need to use the CLI password. If an SSH or > VPN server is on the home network that could be explicitly included or > excluded as required.
Hi, sounds like a "clever" idea but.... 1) Who should change that setting? The Installer/updater on a clean install -> yes The Installer/updater on a update install -> ???? The Installer/updater on a update install where -allowedHosts: 127.*,- not in the Server.prefs-> yes 2) Remember the guys we are talking about are "clever" - when Michael changes these settings for them -> They cant use lms from outside (and these clever guys are stupid enough to change that setting back to something they think of) IMHO Michael had the "better" Idea with "lms is available from everywhere but the settings are only from internal except Gateway.... ------------------------------------------------------------------------ DJanGo's Profile: http://forums.slimdevices.com/member.php?userid=1516 View this thread: http://forums.slimdevices.com/showthread.php?t=107165 _______________________________________________ discuss mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/discuss
