Hi, We plan to use useragent and agent version to control API changes and control that data sent by agent are compatible with OCS server. It is what we mean about "security".
Don't forget that we are searching a solution for your agent that is not supported by OCS community, so consider that you are privileged. Kind regards, -- Guillaume ----- Mail original ----- De: "Stéphane Urbanovski" <[email protected]> À: "FusionInventory Developer discussion" <[email protected]> Cc: "developers en" <[email protected]> Envoyé: Vendredi 7 Janvier 2011 14:13:11 Objet: Re: [Fusioninventory-devel] UserAgent patch for FusionInventory Guillaume Rousse a écrit : > Le 07/01/2011 11:23, Guillaume PROTET a écrit : >> Hi, >> >> Your patch won't be integrated as is because, for security reasons, it is >> inconceivable for us to integrate by default an agent not supported by OCS. > I fail to see how decing to examine or reject a message, just because of > client-managed user-agent string, would provide any kind of security > benefit. You'd better validate the content of the message against a > grammar, to check what is said, rather than blindy believe the client > claiming who he is. > > Or find another excuse than 'security'. +1 -- Stéphane Urbanovski _______________________________________________ Fusioninventory-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/fusioninventory-devel
